Incidents
The Incidents page in CyberGuard.ai is the central hub for tracking, analyzing, and managing cybersecurity incidents across your organization. It provides a structured, end-to-end workflow for documenting incidents — from initial detection through investigation, containment, and resolution — ensuring that every event is captured, categorized, and resolved according to your organization’s incident response policies.
This page enables teams to maintain visibility into the status, severity, and progression of ongoing and past incidents, promoting rapid response and compliance with cybersecurity frameworks such as ISO 27001, NIST, or CMMC.
Usage Notes
Incident Listing and Tracking
The table displays each incident with key attributes such as Reference ID, Name, Status, Severity, Detection, Domain, and Updated At.
Incidents can be sorted or filtered using the Filters panel or the search bar to locate specific events quickly.
Severity levels help prioritize response efforts and ensure that critical issues are handled first.
Lifecycle Management
Each incident record reflects its current phase — from Detected to Resolved.
This lifecycle tracking supports transparency and accountability, ensuring all incidents are fully documented and properly closed.
Historical data enables trend analysis and post-incident learning for continuous improvement.
Collaboration and Evidence Collection
Security teams can attach evidence, assign owners, and log investigation notes directly in each record.
Integrated timelines ensure that key updates and resolution actions are chronologically recorded for audit purposes.
Integration with Other Modules
The Incidents page connects seamlessly with Applied Controls, Risk Assessments, and Compliance frameworks to link incidents with control failures or policy gaps.
This contextual relationship helps identify root causes and improve preventive measures for the future.
Benefits
Centralized platform for incident visibility and response coordination.
Ensures regulatory compliance by maintaining detailed records of all incidents.
Enhances incident response readiness and promotes post-incident learning.
Supports root cause analysis by linking incidents to related controls and risks.
Related Pages
Tasks – Assign and monitor actions created in response to incidents.
Calendar – Schedule follow-up reviews or post-incident evaluations.
X-rays – Analyze control weaknesses or compliance gaps linked to incident origins.
