Customize the Malware Investigation and Response incident layout by adding custom fields to the layout.
Go to → → → .
Select the Malware Investigation and Response layout checkbox.
Click Detach.
Note
When an incident layout is detached, it no longer receives layout updates from the content pack. If you want to receive updates, duplicate the layout instead.
Select the Malware Investigation and Response layout and click Edit.
In the Case info tab, add the custom fields to a new section.
We can add these custom fields to any section, and in this example, we want to create a new section.
From the Library section, in the Sections tab, drag and drop the New Section onto the Case info tab.
Rename the section to Quick Actions, by editing the settings.
In the Fields and Buttons tab, drag and drop the custom buttons we created.
Click the “New”/”Edit” Form tab, add the custom fields, as required.
You can see below we have added the majority of the fields to the Basic Information section.
Click the “Close” Form tab and add the XDR Tuning Required field we created earlier to the Custom Fields section.
Click Save Version.
Save Version enables you to restore any changes.