Customize the Incident Categories
Add custom incident categories on SaaS Security API for
Open or Closed states to help filter incidents and track changes.
Assigning an incident category to a policy
violation allows you to filter and view incidents by category on SaaS
Security API. You assign incident categories when you:
- Assess Incidents to provide a filtering mechanism.
- Close incidents to provide an audit trail.
- Assign incidents to other administrators to help provide context around the risk.
SaaS
Security API has two states:
- Open
- Closed
Within
these two states are incident categories, and SaaS Security API
provides some default categories that
suit most organizations’ incident management processes. By default,
all incidents are
Open
and categorized as New
.
You cannot delete or rename default categories, but you can create
new ones.- Map out the customize categories that your organization requires.This planning is essential because you cannot delete or rename custom categories.
- Verify that you have the required permissions.You must be an administrator with a Super Admin role or an Admin with access to all apps to create new categories.
- Select to create a custom category.If the field is not accessible, you do not have the required permissions to create a custom incident category.
- Enter aCategory Nameand selectOpenorClosedstate.
- Saveyour changes.
- Your custom category is an option when you Modify Incident Status or Close Incidents.
