This documentation supports the 21.3 version of BMC Helix ITSM: Smart IT.


Managing security incidents

This use case describes how you can automate the creation of security incidents in your organization and resolve them quickly to ensure the smooth working of the organization.

Scenario

ABC company hosts most of its services in a cloud environment that it owns and manages. Recently, a large number of malware attacks on its servers have resulted in substantial financial losses. The company therefore decides to integrate BMC Helix Multi-Cloud Broker with BMC Helix ITSM so that security incidents are created automatically when malware attacks occur.

Workflow

The following table describes the tasks performed from the creation of security incidents until they are resolved:

| Task | Component | User | Action | Reference |
|------|-----------|------|--------|-----------|
| 1 | BMC Helix Multi-Cloud Broker | Smart IT administrator | Smart IT administrator configures BMC Helix Multi-Cloud Broker. BMC Helix Multi-Cloud Broker integrates with IBM QRadar Security Information and Event Management (SIEM). IBM QRadar SIEM automatically creates incidents in BMC Helix ITSM when an offense occurs. | Configuring BMC Helix Multi-Cloud Service Management; Incident creation from IBM QRadar offenses |
| 2 | Smart IT | Smart IT administrator | To display the security incidents that are generated by QRadar SIEM in the ticket console, the Smart IT administrator has to display the Security Tickets options on the console. | Configuring settings for managing security incidents |
| 3 | Smart IT | Smart IT administrator | Automatic assignment of security incidents. | Configuring automatic ticket assignments |
| 4 | Smart IT | Incident user | Resolve the security incidents. | Resolving tickets in Smart IT |

Results

  • Automatic creation of security incidents.
  • Automatic assignment of security incidents.

Benefits

  • Quick identification and resolution of security incidents.
  • Effective ticket management from a single console.