23.3 enhancements and patches
(On premises only) Downloading and installing the patch
Downloading from EPD | |
|---|---|
Patch installation |
23.3.04 features
Access the Security Incident Handling portal from the ESM Portal
Experience seamless navigation to the Security Incident Handling portal from the ESM Portal in BMC Helix Digital Workplace and explore the available catalog services. The improved design of the portal ensures a consistent look across all lines of business. Leverage the generative AI capabilities of BMC HelixGPT to search for information from a line of business and get easy-to-understand, summarized answers, reducing search efforts.
Learn about accessing Security Incident Handling portal in Product-overview.
23.3.00 features
Create and manage security cases in the Security Incident Handling line of business
Create security cases, such as phishing attack or confidential data exposure in the Security Incident Handling line of business in BMC Helix Business Workflows without accessing BMC Helix ITSM.
You can create and manage security cases seamlessly by using Runbooks, adding evidence and viewing evidence log, and resolving cases by adhering to cybersecurity standards.
Learn more about creating security cases in Creating-and-managing-security-cases.
Leverage the out-of-the-box integration with BMC Helix iPaaS to create cases automatically
Leverage the integration of BMC Helix Business Workflows with BMC Helix iPaaS to create security cases in the Security Incident Handling line of business by using the Create Case API.
If a security event occurs in your third-party security tool, such as CrowdStrike, you can use the Create Case API to create a corresponding security case in BMC Helix Business Workflows. Case agents can then work and resolve the security cases by following the predefined cybersecurity framework for those cases.
Learn more in Integrating.
Resolve security cases by using out-of-the-box security Runbooks
As a security case agent, use out-of-the-box task workflows in the form of Runbooks to resolve security cases.
Runbooks provide knowledge and a set of steps based on the cybersecurity framework to resolve security issues accurately and effectively. Each task in the Runbook has a stage assigned to it. Stages are part of the cybersecurity framework that Runbooks adhere to.
By using Runbooks, you can ensure all tasks are completed to resolve cases while adhering to cybersecurity standards
Learn more about stages and Runbooks in Security-stages.
Add evidence for security cases and view evidence logs
As a case agent, you can add evidence files to security cases. The evidence of a security case records when and where the security event occurred. Once added, you cannot modify the evidence files. You can only view the log of the evidence files. The log displays all actions that are taken on the evidence file, such as previewing and downloading.
Evidence collection and an audit log of every evidence file ensure robust security protocols.
Learn more about evidence in Evidence-and-evidence-log.
Create and relate BMC Helix ITSM tickets in BMC Helix Business Workflows
As a case agent, create BMC Helix ITSM tickets from security cases in BMC Helix Business Workflows. You can create incidents and work orders directly from a security case to request action from IT agents in BMC Helix ITSM. The incident or work order that you create from a case is automatically related to the case making it easier for case agents and IT agents to track the issue.
Relate BMC Helix ITSM tickets, such as change requests, incidents, problem investigations, and work orders to a case to provide quick access to details of the related tickets. You can also add work notes to multiple related cases and BMC Helix ITSM tickets at a time, directly from a case.
Learn more in Creating related BMC Helix ITSM tickets from cases and Associating cases to related items and users.
