Case-Templates
Case Templates serve as a valuable tool for adding structure to your investigations. They provide a quick and easy way to ensure that each time a Case is opened, it adheres to a predefined process.
Creating Case Templates
Navigate to the "Case Management (Cases)" page from the dashboard.
Change to the "Case Templates" tab and click "New Case Template".
Enter the template details like Title, Description, TLP, Severity, Tags, and click Next
Click
+icon, add the appropriate template tasks that will be assigned to cases and worked on by analysts.Review the Template Details, Tasks, and click Create.
Template Creation Fields
Organization
Select the appropriate Organization from the drop-down list. Unless you are leveraging the multitenancy function of Reflex, you may only have one option available here.
Case Title and Description
Provide a title and description for your Case Template to make it easier to locate and utilize. For example, the Case Template title of Phishing could have a description. This Case Template can be used for investigating potential phishing attacks.
TLP
Define the Traffic Light Protocol (TLP) to identify the sensitivity level of information contained in these types of cases.
RED: Not for disclosure, restricted to participants only
AMBER STRICT: Limited disclosure, restricted to participants’ organization
AMBER: Limited disclosure, restricted to participants’ organization and its clients
GREEN: Limited disclosure, restricted to the community
CLEAR: Disclosure is not limited
Severity
Define the severity level you want to be associated with these types of cases
Tags
Provide any additional tags that you would like to have included in the template
Tasks
Tasks can be created as part of the Case Template to define what steps an analyst should complete in order to conduct a proper investigation.
Last updated