Customize the Incident Categories

Assigning an incident category to a policy violation allows you to filter and view incidents by category on SaaS Security API. You assign incident categories when you:

Assess Incidents to provide a filtering mechanism.
Close incidents to provide an audit trail.
Assign incidents to other administrators to help provide context around the risk.

SaaS Security API has two states:

Open
Closed

Within these two states are incident categories, and SaaS Security API provides some default categories that suit most organizations’ incident management processes. By default, all incidents are

Open

and categorized as

New

. You cannot delete or rename default categories, but you can create new ones.

Map out the customize categories that your organization requires.
This planning is essential because you cannot delete or rename custom categories.
Verify that you have the required permissions.
You must be an administrator with a Super Admin role or an Admin with access to all apps to create new categories.
Select
Settings
General Settings
to create a custom category.
If the field is not accessible, you do not have the required permissions to create a custom incident category.
Enter a
Category Name
and select
Open
or
Closed
state.
Save
your changes.
Your custom category is an option when you Modify Incident Status or Close Incidents.