| Home |
|---|
Starting SOAR Framework Solution Pack version v2.2.1 and later, the team ownable setting for out-of-the-box modules is disabled by default to improve performance. For War Room, however, it has been enabled from SOAR Framework v2.3.0.
However, if you have multiple teams, you may want to enable this option to control the teams' access to various records.
Considering your organization has 2 analyst teams - Forts and Spears.
-
Forts work with Alert and Indicator modules
-
Spears work with Alert, Incident, and Indicator module.
-
Forts analyze alerts based on extracted indicators and Spears are responsible for handling incidents escalated by Forts.
To achieve this segregation Team Ownable parameter must be set to true for these modules. For more information, refer to the section Security Management on FortiSOAR™ platform documentation.
| Installation | Configuration | Usage | Contents |
|---|