Managing security incidents
This use case describes how you can automate the creation of security incidents and resolve them quickly to ensure the smooth working of the organization.
Scenario for managing security incidents
ABC company hosts most of its services in a cloud environment that it owns and manages. Recently, many malware attacks on its servers have caused considerable financial losses. The company therefore decides to integrate BMC Helix Multi-Cloud Broker with BMC Helix ITSM to automate the creation of security incidents.
Workflow for managing security incidents
The following table describes the tasks to be performed when managing security incidents in BMC Helix ITSM:
Task | Component | User | Action | Reference |
---|---|---|---|---|
1. | BMC Helix Multi-Cloud Broker | ITSM administrator | Configure BMC Helix Multi-Cloud Broker to integrate with IBM QRadar Security Information and Event Management. | |
2. | Smart IT | ITSM administrator | Use the My Security Incidents predefined filter or the Security Tickets filter in the Ticket Console to view the security incidents. | |
3. | Smart IT | ITSM administrator | Automatic assignment of security incidents. | |
4. | Smart IT | Incident user | Resolve the security incidents. | |
Results
- Automatic creation of security incidents.
- Automatic assignment of security incidents.
Benefits
- Quick identification and resolution of security incidents.
- Effective ticket management from a single console.