Cases in Guardian Ops provide a structured workflow for managing network abuse incidents efficiently. This feature enables security teams to investigate, track, and resolve abuse reports within a centralized interface.
Separate Case per Contract: A case is created not only for each customer but also for every contract the customer holds. This means there could be multiple cases for the same customer, each tied to a different contract.
Single Event per Case: This option disables the search for an existing case. A new case is opened for every event, ensuring that each event has its own individual case, following the rules specified above.
All the above options can be combined, allowing for highly flexible case creation workflows. For example, you can create a rule that opens a new case for each contract and each event type while also ensuring that each event gets its own case.