Abstract
Understand the lifecycle of a case.
Cortex XSIAM handles cases through a structured process that moves from identification to resolution.
Stage | Description |
|---|---|
Detection | Signals or findings surface across the environment. |
Issue generation | Raw data is converted into structured, defined as Issues. |
Case grouping | Issues are evaluated for case qualification. If the issue qualifies it is grouped into a case with related issues, or if no match is found, a new case is generated. |
Case analysis | Examination of context, relationships, and evidence. |
Response | Application of remediation actions to mitigate the threat. |
Resolution | Final confirmation that the issues in the case are fully addressed. |