: Security Controls Incident Details
Focus
Focus

Security Controls Incident Details

Table of Contents

Security Controls Incident Details

Use Security Controls incident details to investigate why
Data Security
created an incident for a security control policy violation.
Data Security
scans and analyzes email assets, settings, and user behavior and applies Security Control policies to identify exposures, risky user behavior, and sensitive documents. The service also performs a deep content inspection for known and unknown malware, data exposure, and data exfiltration. When
Data Security
determines that the security control is an incident, it creates an incident detail view that you use to Assess Incidents in your managed SaaS applications. These details can include some or all of the following information:
Incident Detail
Description
Setting Detail
Displays which security control rule was violated, the date
Data Security
discovered the incident, the scanned Cloud app, and identifies the email sender, principal owner, or folder owner.
For assets that match the WildFire Analysis rule, you can Use the WildFire Report to Track Down Threats.
Setting Name
Links to the SaaS app and displays the settings available to configure, such as key rotation, password policy, and email auto-forward rules.
Options
Option to
Email
a message to the email sender, principal owner, or folder owner or
Dismiss
the incident.

Recommended For You