2. Incident Reports

The Incident Reports section in Security Core is essential for tracking and managing security-related or general system issues such as bugs, vulnerabilities, and unexpected behavior. It ensures efficient incident resolution, reduces downtime, and strengthens system security by providing structured workflows for issue management.

Use Cases

• Create Incident
  

A security engineer or developer logs a new issue, ensuring all security concerns are documented.

• Assign & Update
  

The incident is assigned to the relevant person, severity is set, and progress is tracked for accountability.

• Track in Board
  

Team members move the incident card across workflow stages (Open → In Progress → Resolved → Closed)Closed) for clear visibility.

• Closure
  

Upon closing, the system collects details on the resolution, supporting files, and lessons learned to prevent future occurrences.

Where to Use Incident Reports

• Software Development:Development: To track bugs and unexpected system behavior during development and deployment.
• Financial Systems:Systems: For monitoring and resolving vulnerabilities in transaction processes.
• Web Applications:Applications: To manage issues affecting user experience, performance, and security.
• Enterprise IT:IT: For handling system outages, security incidents, and compliance issues across departments.

Key Components of Incident Reports

The Incident Reports Action tracks and manages security‐related or general system issues (e.g., bugs, vulnerabilities, unexpected behavior). It provides two main views (Table and Board), plus the ability to filter, change statuses, and add closure details.

1. Table View

• Table Layout:

  Displays

  Each incidentsincident inappears rowsas a row with columns forfor:

  • Severity, (Low/Medium/High/Critical icon)
  • Name,
  • Assigned to, Component, Status, etc.
  • Component
  • SLA (date/time)
  • Status Control: Select different statuses (Open, In Progress, Resolved, Closed)
  • Actions (Edit icon, etc.)

  Status Control:

  Click the colored status label to choose a new state from a dropdowndropdown.

  in

  Edit eachIncident:

  row (see

  Click the colored✏️ labelsEdit icon in the Actions column).

• Edit Incident: Click the Edit iconcolumn to open athe side panelpanel. where you can updateUpdate fields (like Assigned to,to, Severity,Severity, Status, SLA, date/time,Component, etc.)or link a Penetration report.

2. Board View

• Kanban‐Style Board: Switch to Board view to see incidents arranged by status column (e.g., Open, In Progress, Resolved, Closed).
• Drag & Drop: Move incident cards between columns to reflect status changes.

• Closing an Incident: When you move an incident to Closed,Closed, a dedicated form may appear (see “Close incident report” panel), prompting you to describe how the issue was fixed, attach any proof or files, and add a root cause analysis or lessons learned.learned.

3. Filtering & Searching

• Filter Panel: Click Filter to open filters for Status, Severity, and Assigned to. Select your criteria and click Save to narrow incidentsthe by Status, Severity,list or Assignedboard.

  to.

• Search Bar: TypeIn either view, type a partialfull or fullpartial keywordincident name (e.g.,or name)keyword) into the Search field to findlocate specific incidents.reports instantly.

By combining these views and controls, the Incident Reports section provides a comprehensive, user-friendly workflow for discovering, tracking, and resolving security and system issues.