Categories and types of incidents

For your convenience, you can assign categories and types. If an incident has been assigned a NCIRCC category, it can be exported to NCIRCC.

Categories and types of incidents that can be exported to NCIRCC

The categories of incidents can be viewed or changed under Settings → Incidents → Incident types, in which they are displayed as a table. By clicking on the column headers, you can change the table sorting options. The resource table contains the following columns:

• Category—a common characteristic of an incident or cyberattack. The table can be filtered by the values in this column.
• Type—the class of the incident or cyberattack.
• NCIRCC category—incident type according to NCIRCC nomenclature. Incidents that have been assigned custom types and categories cannot be exported to NCIRCC. The table can be filtered by the values in this column.
• Vulnerability—specifies whether the incident type indicates a vulnerability.
• Created—the date the incident type was created.
• Updated—the date the incident type was modified.

To add an incident type:

1. In the KUMA web interface, under Settings → Incidents → Incident types, click Add.

   The incident type creation window will open.

2. Fill in the Type and Category fields.
3. If the created incident type matches the NCIRCC nomenclature, select the NCIRCC category check box.
4. If the incident type indicates a vulnerability, check Vulnerability.
5. Click Save.

The incident type has been created.

Page top