security

Triage

Incident Triage

Definition

Triage is the initial assessment of a security alert or incident to determine its severity, scope, and required response urgency. Analysts evaluate whether an alert is a true positive, assign a severity rating, and route it to the appropriate responder or playbook.

Effective triage processes prevent high-severity incidents from being buried under alert volume and are a critical first step in reducing MTTD.

Related Terms

SIEM

Security Information and Event Management

SOAR

Security Orchestration, Automation, and Response

MTTD

Mean Time to Detect

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product