In this installment of the Tips and Insights series, Nate Hancock shares how to edit cases in FireEye Helix to better organize documentation and investigations on a supported network.
Hi my name is Nate Hancock with FireEye Customer Support and this video is how to edit a case in Helix and how to better organize your documentation and investigations on your network. After creating a case in Helix and I’ve got one here that I’ve already created a test case. Sometimes there comes a point where we need to edit the case. So if I come in here and click on the case. First of all you can see all of the different fields and different information available. To modify that or to edit that i come up here click edit and these give you all of the editable fields. Editable fields include the name, the status, the priority, the classification, and we can also assign that to a user. If I want to change the name all I do is a click in here and I can change the name completely. I can add an identifier to it. I can change the status to any of these five options. These top three are considered open status: Declared, Scoped and Contained. While the bottom two are considered a closed status for the case: Recovered and Improved. In this case I’m just going to leave it undeclared. Next we can change the priority and these are self-explanatory. Critical. High. Medium. Low. You can define those however you want in your organization. And finally the classification. I can change the classification to whichever of these different classifications depending on the malware type or the investigation that we’re conducting. Finally I can assign that to a user but currently I’m going to leave that as unassigned. And then when I click edit case that’s going to save my changes and you can see that the name has now been changed. The last thing that I can change is in notes. I can come in here and create a new note. This is a test. I then click this icon. And that adds the note to the case. That does it for how to edit a case in Helix. Now you can better organize your documentation and investigation. Please watch for more tips and tricks videos from FireEye.