Modify one incident at a time or use Bulk Incident to
modify the status of multiple incidents without closing the incidents.
With automatic remediation,
Prisma SaaS performs appropriate actions and updates the category
and status for incidents matching a data pattern. For other open
incidents, Prisma SaaS identifies these open incidents as
After you assess these
new incidents, close the incidents
that aren’t a threat to your organization. Then, modify the incident
status for the remaining incidents that are threats.
modify the incident individually or modify a group of incidents.
You can select a default open (denoted by a green icon)
—you assigned the
incident to another administrator for remediation. Consider that
you can assign such incidents as part of automatic remediation too.
—you are investigating
—you await the results of an
action before you can assess and investigate the incident.