Intelligence Reporting
#192.168.1.1
or #www.google.com
which automatically extract these indicators and places them in your IOC database. This enables quick and easy IOC management for content you produce.
Also to note when creating reports is the ability to use the Recommendation Library
in the Recommendation section to automatically populate the recommendations with pre-canned responses. Typically there are standard mitigations or recommendations for certain activity, and to reduce analyst time, we offer the ability to click on a recommendation and have it automatically populate the recommendation section. Click on “Knowledge Management” > “Reports” > “Recommendation Library” to manage these recommendations.
To enable easier consumption of reports, we offer the ability to summarize the report content using AI. By clicking on the “Summarize with AI” button in the report, you’ll get a brief summary of the activity in the report, enabling quicker response to the details included in the report, saving time and effort.
By using the built-in report viewer, you’re able to expand on the MITRE ATT&CK TTP’s observed, along with their official recommendations, as well as having an appendix of all IOC’s found in the report. Additionally, you can export these reports to PDF and Word documents using the threatnote templates included in this product.
One of the most crucial elements of reporting is the feedback recieved from stakeholders on these reports, and by using the built-in report viewer, you can easily view the feedback from your consumers. This allows you to easily see what was missing, what went well, and any other details related to the report, right inside the platform.