Create a Security Incident Response process definition

You can create a process definition to define the way security incidents transition from one state to the next. Process definitions give service desks and end users help tracking the problem throughout its life cycle.

Before you begin

Role required: admin and sn.si_admin

Procedure

  1. Navigate to Security Incident > Administration > Process Definition.
  2. Click New.
  3. Fill in the fields, as appropriate.
    Table 1. Creating process definitions
    Field Description
    Name Name of the record which describes the process encoded in the script include file. The name is displayed as a choice in the Process Definition Selector list.
    Script include The name (including the sn_si. prefix) of the script include containing the definition of the process. The script must be in the Security Incident (sn_si) application scope. See Create a custom Security Incident Response process definition script include for more information. If this field does not contain a valid script include name, the default ProcessDefinition_NIST_Stateful definition is used.
    Description Helpful information about the script include.
    Order Determines the position in the process definition list.
    Active When checked, it makes this process definition selectable from the Process Definition Selector page.
  4. Click Submit.