Case-Templates
Case Templates serve as a valuable tool for adding structure to your investigations. They provide a quick and easy way to ensure that each time a Case is opened, it adheres to a predefined process.
Creating Case Templates
Navigate to the "Case Management (Cases)" page from the dashboard.
Change to the "Case Templates" tab and click "New Case Template".
Enter the template details like Title, Description, TLP, Severity, Tags, and click Next
Click
+icon, add the appropriate template tasks that will be assigned to cases and worked on by analysts.Review the Template Details, Tasks, and click Create.
Template Creation Fields
| Case Template Fields | Info |
|---|---|
Organization | Select the appropriate Organization from the drop-down list. Unless you are leveraging the multitenancy function of Reflex, you may only have one option available here. |
Case Title and Description | Provide a title and description for your Case Template to make it easier to locate and utilize. For example, the Case Template title of Phishing could have a description. This Case Template can be used for investigating potential phishing attacks. |
TLP | Define the Traffic Light Protocol (TLP) to identify the sensitivity level of information contained in these types of cases. RED: Not for disclosure, restricted to participants only AMBER STRICT: Limited disclosure, restricted to participants’ organization AMBER: Limited disclosure, restricted to participants’ organization and its clients GREEN: Limited disclosure, restricted to the community CLEAR: Disclosure is not limited |
Severity | Define the severity level you want to be associated with these types of cases |
Tags | Provide any additional tags that you would like to have included in the template |
Tasks | Tasks can be created as part of the Case Template to define what steps an analyst should complete in order to conduct a proper investigation. |
Last updated