Annotate security artifacts
-
- UpdatedJan 30, 2025
- 2 minutes to read
- Yokohama
- Threat Intelligence
As you are analyzing a case, you can add annotations to any artifact.
Before you begin
- sn_ti.case_user_write for adding annotations
- sn_ti.case_user_read to view annotations
Procedure
-
To add an annotation to one or more artifacts, perform the following
steps:
-
Click Annotate.
-
Click Annotate.
-
To view annotations for an artifact, click the View annotations (
) icon.
The existing annotations appear in the Annotations dialog box.
Related Content
- Related details for case artifacts
As you add artifacts to a case, additional related details for each artifact may also be automatically added. For example, if you add a security incident, it may contain affected CIs and user records. You can quickly view the related details for a selected artifact without leaving the list of artifacts.
- Security artifact exclusion and inclusion
The lists of supporting artifacts assigned to a case can sometimes get long and there may be instances where you want to remove particular artifacts from a list. Rather than permanently remove the artifacts, you can exclude them from the list and, as needed, return them to the list at a later time.
- Search for security artifacts
You can perform a keyword search on any security artifact list.