An operational or security incident.
Includes properties from:
category (string) - Required¶
The category of the incident
- General Incident
- Attack on Internal Facing Assets
- Attack on External Facing Assets
- Social Engineering
- Data Breach
- Physical or Environmental
severity (string) - Required¶
Severity rating based on impact. Can be a string such as ‘critical’, ‘major’, ‘minor’, or an integer usually between 1-3.
impacts (array of string) - Optional¶
The target listing of [IDs/keys to] systems and resources this incident impacts.
reportable (boolean) - Required¶
Indicates if this is a reportable incident per applicable regulations, such as HIPAA, PCI, or GDPR.
reporter (string) - Optional¶
The person/entity who reported this incident.
postmortem (string) - Optional¶
Summary and/or a link to the documented lesson learned.