Skip to main content

2. Incident Reports

image.png

The Incident Reports section in Security Core is essential for tracking and managing security-related or general system issues such as bugs, vulnerabilities, and unexpected behavior. It ensures efficient incident resolution, reduces downtime, and strengthens system security by providing structured workflows for issue management.

Use Cases
  • Create Incident

A security engineer or developer logs a new issue, ensuring all security concerns are documented.

  • Assign & Update

The incident is assigned to the relevant person, severity is set, and progress is tracked for accountability.

  • Track in Board

Team members move the incident card across workflow stages (Open → In Progress → Resolved → Closed) for clear visibility.

  • Closure

Upon closing, the system collects details on the resolution, supporting files, and lessons learned to prevent future occurrences.

Where to Use Incident Reports
  • Software Development: To track bugs and unexpected system behavior during development and deployment.
  • Financial Systems: For monitoring and resolving vulnerabilities in transaction processes.
  • Web Applications: To manage issues affecting user experience, performance, and security.
  • Enterprise IT: For handling system outages, security incidents, and compliance issues across departments.
Key Components of Incident Reports

The Incident Reports Action tracks and manages security‐related or general system issues (e.g., bugs, vulnerabilities, unexpected behavior). It provides two main views (Table and Board), plus the ability to filter, change statuses, and add closure details.

1. Table View

image.png

Table Layout:

Each incident appears as a row with columns for:

  • Severity (Low/Medium/High/Critical icon)
  • Name
  • Assigned to
  • Component
  • SLA (date/time)
  • Status (Open, In Progress, Resolved, Closed)
  • Actions (Edit icon, etc.)

Status Control:

Click the colored status label to choose a new state from a dropdown.

Edit Incident:

Click the ✏️ Edit icon in the Actions column to open the side panel. Update fields like Assigned to, Severity, Status, SLA, Component, or link a Penetration report.

2. Board View

image.png

  • Kanban‐Style Board: Switch to Board view to see incidents arranged by status column (e.g., Open, In Progress, Resolved, Closed).
  • Drag & Drop: Move incident cards between columns to reflect status changes.

image.png

  • Closing an Incident: When you move an incident to Closed, a dedicated form may appear (see “Close incident report” panel), prompting you to describe how the issue was fixed, attach any proof or files, and add a root cause analysis or lessons learned.

3. Filtering & Searching

    image.png

    • Filter Panel: Click Filter to open filters for Status, Severity, and Assigned to. Select your criteria and click Save to narrow the list or board.

    image.png

    • Search Bar: In either view, type a full or partial incident name (or keyword) into the Search field to locate specific reports instantly.

    How to Delete an Incident Report

    ByDeleting combiningan theseIncident viewsReport removes it permanently from the system and controls,records who performed the deletion and which report was removed. Follow the steps below.

    Prerequisites

    • You must have Delete permissions on the Incident Reports module.

    • Ensure you really intend to remove the record, as deletion cannot be undone.

    Deletion Steps

    • Open the Incident Reports sectionList
      • provides

    In the left-hand navigation, select Incident Reports.

    Locate the row for the report you wish to delete.

    • Trigger Deletion

    In the Actions column of that row, click the 🗑️ Delete icon.

    • Confirm Deletion

    A confirmation pop-up appears:

    Are you sure? [Cancel] [Delete]

    Click Delete to proceed.

    • Completion

    The report is removed from the table.

    A success toast or message confirms the deletion.

    Audit Logging

    Every deletion is recorded in the system audit log to maintain a comprehensive,clear user-friendlytrail workflowof foradministrative discovering,actions. tracking,The log entry includes:

    • Report Name – The title or unique identifier of the deleted incident report.

    • Deleted By – The username of the person who performed the deletion.

    • Timestamp – When the deletion occurred.

    Tip: Regularly review audit logs to ensure all deletions were intentional and resolvingcomply securitywith andyour systemdata-retention issues.policies.

    Back to top