When you elevate the incident, the service alerts F-Secure analysts. Analysts will have access to the incident data to help them to solve the case.
You need a valid subscription and unused elevate tokens to be able to elevate incidents.
Note: Elevating incidents is available for Partner-level administrators only.
To elevate the incident to F-Secure:
- Log in to the portal with your email address and password.
The Home view opens.
- In the Top broad context detections pane, choose the detection that you want to elevate to F-Secure and then select Acknowledge incident if it has not been confirmed already.
The Elevate to F-Secure option becomes available.
- Select Elevate to F-Secure.
The Elevate to F-Secure window opens, which shows the number of elevate tokens that you have left.
- Add a comment about Broad Context Detection that you want F-Secure analysts to examine and describe why you want to elevate it and what you want experts to validate.
- Select Elevate.
If Broad Context Detection is more than 7 days old, the elevation uses an investigation token. Otherwise, the elevated incident is validated first using the validation token.
Note: The elevate token is used only when F-Secure acknowledges your request.
- F-Secure analysts acknowledge your elevation request and start investigating the incident. You receive an email notifiction when the investigation is complete.
When the investigation is complete, the investigation result and the suggested response are available in the portal.
- Select Close elevation to resolve the incident.
Note: You can use the comment window at any time to add comments to the elevated incident. Comments window includes all comments that you and F-Secure analysts have added to it during the investigation. Note that after you close the elevation, you can still add comments to the incident but no further notifications about them are sent to F-Secure.