Triage
Overview
The Triage workflow in Monitor allows you to systematically review, categorize, and assign cybersecurity events. This process ensures that critical vulnerabilities are identified and addressed promptly.
Triage Workflow
When a new security event is detected, Monitor creates a case that can be reviewed, assigned, and tracked through resolution. This ensures no critical vulnerabilities go unnoticed.
Event Types
- CVEs (Common Vulnerabilities and Exposures): Publicly disclosed security vulnerabilities
- Threat Intelligence Reports: External security advisories and alerts
- Internal Security Events: Events detected within your infrastructure
- Compliance Alerts: Notifications related to regulatory requirements
Triage Steps
- Review the event details and severity rating
- Assess which assets in your portfolio are affected
- Assign the case to the appropriate team member
- Set priority and due date for remediation
- Track progress through resolution
Tip
The platform automatically correlates external events with your internal Asset Manager. It creates risks for relevant events and notifies the user exactly which assets are impacted, drastically reducing reaction time.