Once you are familiar with the incident layout, create custom fields to add to the Malware Investigation and Response incident layout. You can view and edit all existing out of the box fields in the fields table. In this tutorial, we create the following fields:
Field Name | Field Type | Comments/Values |
---|---|---|
| Boolean (checkbox) | Enables the analyst to consider whether to fine tune a security policy (in the Case info tab and the Close tab. |
| Boolean (checkbox) | We add this to the Case info tab and when creating or editing an incident. |
| Boolean (checkbox) | We add this to the Case info tab and when creating or editing an incident. |
Go to
→ → → .Create the
XDR Tuning Required
field.Click New Field.
In the Field Type field, select Boolean (checkbox).
In the Field Name field, type the name you want to use, such as
XDR Tuning Required
.Click Save.
Repeat for the other fields.
Add the new custom fields to the layout.