Skip Navigation
  1. BlackBerry Docs
  2. CylanceMDR
  3. CylanceMDR User Guide
  4. Managing incidents

Managing incidents

A screenshot of the Incidents screen in the Cylance console.
If your organization is subscribed to
CylanceMDR
 Standard, Advanced, or Pro, analysts monitor your alerts for you and will escalate them to you as an incident if they require your attention. When an analyst identifies a threat and escalates it to your organization, designated escalation groups in your organization are notified and you can view them on the Alerts > Incidents page.
If your organization is subscribed to
CylanceMDR
 On-Demand, you must manually request
CylanceMDR
 support from the details screen of an alert from the Alerts page. These requests are escalated to
CylanceMDR
 analysts so they can investigate. You can follow up on these requests from the Alerts > Incidents page in the
Cylance
 console.
On the Incidents page, you can do the following:
  • In the Open or Closed tabs, click an incident in the list to view its details.
  • Click The Gear icon to select the fields that you want to display.
  • Export the current list of incidents to a .csv file, or print it as a PDF.