https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/367152#M409 <P>Hi AsifSid,</P><P>&nbsp;</P><P><A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/investigate-incidents.html" target="_self">Here's a good document</A> on investigating and managing incidents within Cortex XDR.&nbsp;It provides an in-depth walkthrough around incidents, including taking ownership, adjusting the status, reviewing details, gathering more information from external integrations, and taking action. There's even a video that you could watch to understand more about incident management <A href="https://live.paloaltonetworks.com/t5/cortex-xdr-walkthroughs/incident-management/ta-p/310119" target="_self">here</A>.</P><P>&nbsp;</P><P>Finally, Cortex XDR recently rolled out a new feature called Remediation Suggestions. I'd recommend <A href="https://live.paloaltonetworks.com/t5/cortex-xdr-walkthroughs/remediate-an-incident/ta-p/347276" target="_self">reviewing this video</A> to understand its capabilities and how it can help you better-manage your incidents.</P><P>&nbsp;</P><P>Please give these materials a look and let me know if you are looking for something else in particular.</P><P>&nbsp;</P> Thu, 03 Dec 2020 21:30:55 GMT gjenkins 2020-12-03T21:30:55Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/363930#M376 <P>Hi All,</P><P>&nbsp;</P><P>Does any one have a sample template or document for Cortex alert /incident managment procedure.</P><P>&nbsp;</P><P>&nbsp;</P><P>Regards</P><P>Asif Siddiqui</P> Thu, 19 Nov 2020 06:04:24 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/363930#M376 AsifSid 2020-11-19T06:04:24Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/367152#M409 <P>Hi AsifSid,</P><P>&nbsp;</P><P><A href="https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/investigation-and-response/investigate-incidents.html" target="_self">Here's a good document</A> on investigating and managing incidents within Cortex XDR.&nbsp;It provides an in-depth walkthrough around incidents, including taking ownership, adjusting the status, reviewing details, gathering more information from external integrations, and taking action. There's even a video that you could watch to understand more about incident management <A href="https://live.paloaltonetworks.com/t5/cortex-xdr-walkthroughs/incident-management/ta-p/310119" target="_self">here</A>.</P><P>&nbsp;</P><P>Finally, Cortex XDR recently rolled out a new feature called Remediation Suggestions. I'd recommend <A href="https://live.paloaltonetworks.com/t5/cortex-xdr-walkthroughs/remediate-an-incident/ta-p/347276" target="_self">reviewing this video</A> to understand its capabilities and how it can help you better-manage your incidents.</P><P>&nbsp;</P><P>Please give these materials a look and let me know if you are looking for something else in particular.</P><P>&nbsp;</P> Thu, 03 Dec 2020 21:30:55 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/367152#M409 gjenkins 2020-12-03T21:30:55Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/385150#M551 <P>Thank you so much Gjenkins</P><P>&nbsp;</P><P>&nbsp;</P><P>Regards</P><P>Asif Siddiqui</P> Wed, 10 Feb 2021 17:45:47 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/385150#M551 AsifSid 2021-02-10T17:45:47Z https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/385437#M556 <P>No problem,&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/87372">@AsifSid</a>! Glad to help.</P> Thu, 11 Feb 2021 16:23:00 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/alert-incident-handling-process-template/m-p/385437#M556 gjenkins 2021-02-11T16:23:00Z