Writing reports is an important, but tedious, step in the incident response process. In Smart SOAR, all incidents can be automatically exported as professionally designed Executive Reports, including a high level summary, investigation timeline, malicious artifacts, and more. For MSSPs, these reports can be modified to include your business’ branding and style guide. This feature replaces the need for manual report writing overnight, while maintaining accuracy, consistency, and professionalism.
Manual or Automatic Export
Each incident in Smart SOAR comes with an Executive Report that can be manually exported from the incident overview. Users can download the report as a PDF or Word file for further editing.
The export button is located in the top-right corner of every incident.
Users have the option to export the report as a PDF or Word file.
Executive Reports can also be automatically generated and sent to stakeholders using incident playbooks:
Content: A Blend of Static and Dynamic Data
Executive Reports are comprehensive and detailed, including a summary, actions taken during the investigation, SLA trackers, and more. They combine static information, such as the incident creation time, with dynamic fields like contextual data gathered from your threat intelligence tools.
Static incident data.
Dynamic data populated from threat intelligence and EDR.
The investigation team retains control over the dynamic sections of the report, choosing which information to include. For instance, they can add stage progress to incident notes or new contextual data to the dynamic form inside Smart SOAR.
Stage completion progress
Contextual data from Microsoft Defender for Endpoint
Takeaway
This automatic reporting feature can save your team countless hours over the course of a year and ensures stakeholders receive thorough, professional incident reports. While some users may opt to export these for critical alerts only, others may choose to deliver them to clients as part of their service offering. In either scenario, the adoption of Smart SOAR’s automated reporting streamlines the incident response process and accelerates our clients’ path toward more efficient and effective cybersecurity.