Updating security cases

As a security case agent, you can update an automatically or manually created case by changing the details of the case. You can flag the case to prioritize the work on that case for other security case agents, or even raise an ad hoc approval request.

Before you begin

Make sure that you have write access to a case to update it.

To update a security case

As a security case agent, open a case from the Cases console.
On the case details page, use the following options to update the case.
Option
Action
Flag the case and mark it for prioritizing work on it.
Request an ad hoc approval.
Send an email to communicate with the requester.
Add attachments.
Add the case to your watchlist.
Click Edit, and update the followings details of the case:
- Summary
- Priority
- Contact
- Assigned Group and Assignee
- Case template
- Description
- Target date
- Case site
- Label
- Categories
Click Save.

Option	Action
	Flag the case and mark it for prioritizing work on it.
	Request an ad hoc approval.
	Send an email to communicate with the requester.
	Add attachments.
	Add the case to your watchlist.

To change the status of a security case

As a security case agent, open a case from the Cases console.
Click the status to open the status pane.
In the status pane, select the required value in the Status field.
(Optional) Select the reason for changing the case status in the Status Reason field.
This field displays a list of reasons for Pending, Resolved, and Canceled statuses.
Click Save.

Result

When you change the status of the security case to In Progress, the Runbook is automatically activated, and if the case has any task flow or tasks, they are visible in the Active Tasks and Upcoming Tasks section.

Where to go from here

Managing-tasks-from-the-runbook