Security Operations email duplication rules You can use Duplication Rules to handle duplicate email records for security, vulnerability, IoCs, and so on. Duplication rules have two purposes. First, to prevent too many duplicate records from being created. Second, when a duplicate is detected, to set what fields in the record are updated. Only active duplicates are looked for. If the record is not active, for instance, if the incident has been closed, then any new identical problem is a new incident. Create email duplication rules in Security OperationsYou can use Duplication Rules to identify new email with active duplicate records and process them appropriately.