 This video shows how to use tags in BMC SecOps Response Service. First it shows how to use tags to enrich data associated with assets. Then it shows how to use tags on the operator dashboard to filter data so you can launch a remediation operation on a small set of vulnerabilities. A tag is a key value pair. For each tag associated with an asset, there can be one or more values. You will often see a tag referred to as a key because each key can have one or more values. Before you can perform the procedures described in this video, an administrator must first import a tag file. A tag file lists assets and the tags and tag values associated with those assets. Here is an example of a tag file. First we're going to take a look at how a particular tag is assigned to assets. Select SecOps Response, Assets. This page lists all the assets included in scan files you have imported. I want to see how one tag in particular is applied. So I click the Tags filter and I select Purpose. This shows me all the assets that have the Purpose tag applied to them. Currently the filter shows assets with any values set for the Purpose tag. I'm seeing five assets. I can use the Tags filter to show only assets with the Purpose tag set to PROD, which limits the display to three assets. I happen to know that we use four servers for production. One is missing a tag. So I clear the Tags filter. I select the asset that I know is missing a tag. Select Manage Tags. Click Add New Tag. Select Purpose and set the value to PROD. Click OK. Then click Save. Again I'll look at the filter, set it to PROD. Now I see there are four assets with the Purpose tag set to PROD. Now I'm going to prepare a remediation job for these assets. Select SecOps Response, Operator Dashboard. The Operator Dashboard provides charts and filters that help you identify vulnerabilities that require attention. Filters let you narrow the focus of the dashboard to a critical set of vulnerabilities. Notice how the tag filter is already set. When you switch between the Operator Dashboard, Security Dashboard, and the Assets page, your tag filter settings are retained. Here is the actionable vulnerabilities list. It shows every vulnerability on every mapped endpoint included in the scans you are using, but after filtering is applied. Currently there are 129 vulnerabilities in the list. Now I'm going to use filtering to tighten the focus. For the severity filter, I select severity 4 and 5. Then I click Apply Filters. Notice how the vulnerabilities list now shows only 40 vulnerabilities. Now it's time to start the remediation process. Click Remediate to open the Remediation Operation Wizard. Enter a name for the operation. Click Next. Here you can review a list of remediations that can be deployed. If you do not want to deploy a particular remediation, select the check mark to deselect it. When you've got the correct set of vulnerabilities listed, click Next. On this page, you can set a schedule for the operation or execute it immediately. We're going to define a schedule. Select With Schedule. Set a time and date. The date must be at least five minutes into the future. I'm going to set a date of 1 a.m. on Saturday, which is our next maintenance window. Here on the planned operations list, notice the green checks. These indicate the operation is configured so their execution can launch correctly. That's all we have to do. Click Finish. A message says that operations will appear once they've been generated. Click OK. A placeholder appears on the home page while the operation is being created. If you refresh the home page, the operations that were created appear. They will execute according to the schedule I have defined. That's it. We have used tags to filter assets and then created a remediation operation based on that filtering. Thanks for watching.