The Open Incidents tab allows processing email messages that were reported through the add-in by the end users as incorrectly classified by the system. The processing allows the administration team to ignore such report or accept it and apply it to the entire organization.
The processing consists of feeding back to the system the correct categorization for corresponding messages. Although, the number of incorrectly classified messages is expected to be low, processing them helps improves tremendously the system.
The reported messages are listed in the Open Incidents table[IT1] .
To process a message,
- Select Security Operation Center
- Click Open Incidents
- Select the message in the table and click one of the following:
- Mark as Legitimate: when a legitimate message was classified as phishing or spam
- Mark as Phishing: when a message was incorrectly categorized as legitimate or spam
- Mark as Spam: when a message was incorrectly categorized as Legitimate or Phishing
[IT1]I’m wondering whether it is not better to list all reported messages, regardless of the number of times it was reported. Let’s discus about it.