# Incidents

The *Incidents* section within the **Data Library** helps your organisation centralise incident reporting, triage, and resolution across internal and external systems. It provides a unified interface to monitor incident tickets, assess risk impact, and ensure prompt follow-up for data loss or compliance violations.

From infrastructure alerts to phishing reports, Sprinto allows teams to integrate third-party tools, configure employee reporting, and enforce resolution timelines through automated checks and monitors.

***

### Supported Sources

Sprinto supports the following incident sources:

* **Cloud threat detection tools** such as AWS GuardDuty, Microsoft Defender, and Google Security Center.
* **External incident management platforms** such as PagerDuty, Jira, Zenduty, OpsGenie, and ServiceDeskPlus.
* **Manual reporting by employees** via the Sprinto employee portal or a linked incident-reporting email.

Each configured source appears as a dedicated tab under the *Incidents* section, maintaining a consistent interface with shared filtering and check-tracking capabilities.

***

### Key Capabilities

* **Unified overview:** Monitor the status of open incidents across multiple systems from a centralised dashboard.
* **System-level configuration:** Add or edit incident sources, configure services, and link employee reporting mailboxes.
* **Compliance mapping:** Associate incidents with mapped frameworks such as ISO 27001, SOC 2, PCI DSS, and GDPR.
* **Alert tracking:** Identify integration issues, pending incidents, and failing checks with proactive alerts.
* **Status monitoring:** Validate incident closure and data loss reporting through automated checks.

***

### Interface Highlights

* **Overview tab:** Lists all connected systems with current incident summaries and mapped controls.
* **Monitoring tab:** Displays active checks, failing validations, and historical trends across incident tickets.
* **Source-specific tabs:** PagerDuty, Microsoft Defender, GuardDuty, and others provide detailed views of logged incidents.
* **Status history:** Enables users to track trends, download evidence, and audit historical resolution timelines.

***

### Use Cases

<table><thead><tr><th width="167.02734375">Use Case</th><th>Description</th></tr></thead><tbody><tr><td>Incident lifecycle visibility</td><td>Track detection, escalation, and closure across various tools in one place.</td></tr><tr><td>Regulatory compliance</td><td>Ensure timely response and documentation of incidents for frameworks like ISO, SOC, PCI, and HIPAA.</td></tr><tr><td>Centralised employee reporting</td><td>Allow employees to report issues directly from the Sprinto portal or via a configured email address.</td></tr><tr><td>Automated monitoring</td><td>Set up checks to enforce closure timelines and data loss acknowledgements.</td></tr></tbody></table>

***

Let me know if you'd like to proceed with the next section — **How it Works**, or begin with **Dashboard Actions**.