The Incident Details page (Documentation Index
Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
Use this file to discover all available pages before exploring further.
/it/security/incidents/:id) displays the full record for a single security incident. It shows discovery date, response status, resolution date, linked ticket, description, and resolution notes. Authorized users can advance the incident through its response workflow.
Overview
The page fetches the incident viauseSecurityIncident(id). Four summary cards display: discovered date, current status, resolved date, and linked ticket. The description and optional resolution notes render in cards below. A Response Actions card exposes status-transition buttons appropriate to the current state.
Incident types (code-defined): data_breach, malware, unauthorized_access, phishing, denial_of_service, policy_violation, other.
Severity levels: critical, high, medium, low.
Response statuses: open → in_progress → resolved → closed. Closed/resolved incidents can be reopened.
Who it’s for
No explicit secondary permission gate beyond the outerITViewGuard (it.view). Status mutations use useSecurityIncidentMutations.
Before you start
- Navigate from the Security Incidents list at
/it/security/incidents.
Steps
Open an incident record
From
/it/security/incidents, click an incident row, or navigate to /it/security/incidents/:id.View the linked ticket
If a ticket is linked (
ticket_id), click View Ticket to navigate to /it/tickets/:id.Advance the response status
In the Response Actions card, click the appropriate action button:
- Start Investigation (open → in_progress)
- Mark Resolved (open or in_progress → resolved)
- Close Incident (resolved → closed)
- Reopen (resolved or closed → open)
Key concepts
| Concept | Description |
|---|---|
IncidentType | Enumeration of incident categories from code |
SecuritySeverity | critical / high / medium / low |
IncidentResponseStatus | open / in_progress / resolved / closed |
SeverityBadge | Component rendering a color-coded severity indicator |
Related
IT Service Management
IT Service Management overview.
Governance & parity
This page documents shipped product behavior. It is not medical, legal, or
billing advice. Verify against your organization’s policies and applicable
regulations before using it for clinical, compliance, or billing decisions.
Protected health information (PHI) shown in the product is governed by your
tenant’s access controls and is never exposed in this documentation.
Documentation sources
Documentation sources
- src/routes/it.tsx
- src/cores/it/pages/security/incidents/IncidentDetailPage.tsx
- src/cores/it/hooks/useSecurityIncidents.ts
- src/cores/it/hooks/useSecurityIncidentMutations.ts