Skip to main content
The Case Overview provides a comprehensive, centralized view of everything related to a case. From basic attributes like name, severity, and status to advanced metadata, linked entities, and a secure activity timeline, this interface is your go-to hub for managing and understanding the lifecycle of any case. Each section within the Case Overview is designed to help you quickly access and update case information, collaborate with team members, and ensure critical context is never missed. Whether you’re assigning a case manager, reviewing linked alerts and observables, or generating AI-powered summaries, the overview enables efficient, informed decision-making at every stage.

Case Details

Case Details provides a comprehensive view of all key information related to the selected case. For a deeper dive into the case information, see here.

Case Summary

The Case Summary section delivers an AI-generated overview of the case, allowing you to quickly grasp the most important details in a structured format.
  • To add a custom case summary, click the icon. Alternatively, click the Copilot icon to automatically generate an summary, using AI, for the selected case.
  • After generating a AI-summary with the Copilot, you can use the icon to edit or refine it to better suit your needs.
  • Use the icon to edit or refine the summary as needed.
  • Click the icon to view the summary in full size. By default, it appears in a compact view to save space, providing a cleaner interface and a better overall user experience.
Click the next to Case Summary to collapse the view, keeping the interface organized and easy to navigate.

Safe Use of AI

  • Case data for all customers is securely stored within the Blink platform, following the same protocols as other operational data, like tables. This process is uniformly applied to all hybrid customers. To create case summaries, we leverage Google’s Vertex AI model, with Google’s assurance, as outlined in their terms of service, that any data used in the prompt will not be saved or used.
  • It is important to note that Blink does not use customer data for AI training. We adhere to industry standards to ensure your data remains secure, never stored or utilized for these purposes

The Tool Bar

The Tool Bar Panel provides analysts with a centralized set of tools designed to maximize efficiency and effectiveness when managing a case. Each tool offers specific functionality to streamline investigation, documentation, and collaboration throughout the incident lifecycle.

The Tools

  • Analyst Copilot: Your AI assistant for case investigation. Copilot provides contextual insights, recommendations, and guidance to help analysts work faster and with greater confidence.
  • Timeline: A chronological view of everything that has happened in the case, giving analysts a clear picture of its history and progression.
  • Notes: A space for analysts to record observations, findings, and investigative details throughout the lifecycle of the case.
  • Notifications: A centralized panel for all case-related updates and questions, including items submitted through the Ask a Question on a Case action.
Learn more about the Case Overview’s Tools here.

Tables

The Tables Section provides structured access to various case-related data, including observables, attachments, tasks, and linked cases. To edit any item, double-click on the row, make changes, and click anywhere on the screen to save.

Alerts

Underneath the Case Summary section, you can find all the alerts linked to the selected Case.
  • Use the Search Bar to quickly locate a specific alert linked to the case.
  • To add a new alert or link an existing one to the case, click the “Add Alert” button.

Observables

  • Beneath the Case Summary section, all observables associated with the selected case are displayed.
  • Use the Search Bar to quickly locate a specific observable linked to the case.
  • To add a new observable or link an existing one to the case, click the “Add Observable” button.

Tasks

  • Underneath the Case Summary section, you can find all the tasks linked to the selected Case.
  • Use the Search Bar to quickly locate a specific task linked to the case.
  • To add a new task or link an existing one to the case, click the “Add Task” button.

Attachments

  • Underneath the Case Summary section, you can find all the attachments linked to the selected Case.
  • Use the Search Bar to quickly locate a specific attachment linked to the case.
  • To add a new attachment or link an existing one to the case, click the “Add Attachments” button.

Linked Cases

  • Underneath the Case Summary section, you can find the linked cases section, which contains all the details of the cases that have already been linked to this Case.
To link or unlink more cases, click the “Link Cases” button in the top right corner. Then, check the boxes next to the cases you want to link, or uncheck the boxes next to the cases you want to unlink.

Actions

In the top-right corner you can view all response actions that are configured and linked to this case, allowing you to quickly review or execute them as needed.

Case Overview Settings

The case overview’s settings provides additional options for managing a case, including sharing the case, exporting case details, closing a case, and deleting it.
Once a case is closed, it becomes locked and cannot be edited unless reopened (moved back to an active status).

Share Case

After selecting the users or groups you want to share the case with, you must assign the appropriate permission level before clicking “Send.”
  • Viewer – Allows read-only access to the case. However, if the user’s global role grants broader permissions (for example, an Owner with full Case Management access), those higher-level permissions will take precedence, allowing them to edit the case even if they were invited as a Viewer.
  • Editor – Allows the user to update and modify the case, but they cannot close or delete it.
  • Editor + Close – Allows the user to edit the case and close it, but they still cannot delete the case.
Once a case is shared, the top-right corner of the Case Overview displays a circle with the initials of the users or groups who have access. Hovering over the circle reveals their full names, giving you a quick and easy way to review who the case is shared with.

Export Case

The ‘Export Case’ setting allows users to download a structured dataset of the case, making it easy to share or archive case details.
  • Clicking ‘Export Case’ will generate a ZIP file containing:
    • PDF reports summarizing case details.
    • CSV files with structured case data for further analysis.
  • The exported files can be used for auditing, compliance, or reporting purposes.

Close Case

The Close Case setting allows users to finalize and archive a case while preserving relevant details.
  • When closing a case, a pop-up appears, allowing users to:
    • Modify the reason for closing the case.
    • Attach additional files (up to 500MB) related to the case resolution.
    • Update or add closing notes with further context.
  • Clicking ‘Save’ finalizes the case closure.

Delete Case

The Delete Case will remove the case and all its related metadata entirely from Case Management