The Incident Summary page shows all available details for an incident listed in Threat Resolution > Incidents.

PT-incident-summary-with-labels.jpg

The header shows you the current status of this incident and a dropdown menu of available actions:

PT-incident-summary-header.jpg
  • Status

  • Actions

    • Allow Sender: This action adds the sender to the customer Allow List. The email is delivered to the user's inbox without analysis. See Allow List details for additional information.

      This action happens for all affected users. Select the Affected Users tab to see a list of all users that received this email.

    • Mark as Safe: This action adds a green banner to this email marking it as safe. The email remains in the user's inbox.

      This action happens for all affected users. Select the Affected Users tab to see a list of all users that received this email.

    • Send to Junk: This action moves this email from a user's inbox to their Junk folder.

      This action happens for all affected users. Select the Affected Users tab to see a list of all users that received this email.

Below the header are a series of tabs that can be selected.

PT-incidents-tabs.jpg
  • Details: This tab is automatically open when you land on the Incident Summary page. It includes details of the email, including the date and time received, sender's email address, and the content of the email. Images included in a reported email are not displayed.

  • Affected Users: The date and subject of the email are listed here, along with the email addresses of the recipient and sender. The name of the customer is also listed.

  • Received Headers: The content of the received header is displayed.