Views:

View information about global threat actors and emerging threats on the information screen.

The information screen shows detailed information about threat actors or emerging threats selected from the Threat Insights screen.
The following table outlines the information screen:
Section
Description
Summary
The section at the top of the screen contains a summary of the selected emerging threat or threat actor.
Note
Note
Security threats and threat actor groups are often given different names by each security vendor. AKA lists known aliases for emerging threats and threat actors.
You can view more detailed information on the following tabs:
  • Overview: This tab displays a detailed history of the selected emerging threat or threat actor.
  • Risk Management Guidance: This tab provides suggestions of how your organization can manage the risks presented by the selected emerging threat or threat actor.
  • Threat Hunting Queries: This tab displays related threat hunting queries that you can run in the Search app.
Associated Emerging Threats
This section displays associated emerging threats, the related impact scope, and the time of the most recent data update.
Infection Chain
This section provides an illustration of the multiple attack tools used to bypass detection tools and deliver a payload.
Highlighted MITRE Tactics and Techniques
This section lists the MITRE tactics and techniques associated with the selected threat or threat actor. Click the tactic or technique name to view more information on the MITRE website.
Intelligence Data
This section collects available threat intelligence from Trend Micro and third-party sources about the selected threat or threat actor.
You can view more detailed information on the following tabs:
  • Intelligence Reports: This tab displays the intelligence reports associated with the selected threat or threat actor.
  • Tactics, Techniques, and Procedures: This tab lists the MITRE tactics and techniques associated with the selected threat or threat actor. Click the tactic or technique name to view more information on the MITRE website.
  • Tools: This tab lists software applications exploited by the selected threat or threat actor. Click the tool name to view more information.
  • Malware: This tab shows the malicious software used by the selected threat or threat actor. Click the malware name to view more information.
  • CVEs: This tab displays CVEs associated with the selected threat or threat actor. Click the CVE ID to view more information.
  • Indicators: This tab lists IOCs such as URLs and file hashes associated with the selected threat or threat actor. The selected threat or threat actor may also be associated with other IOCs.
  • Associated Threat Actors: This tab displays the associated threat actors of the selected emerging threat.
Impact Scope
This section highlights evidence of threats found in your environment.
Click the tabs to display any associated Workbench Alerts, as well as Servers, Endpoints, and Email Addresses containing matched IOCs of the selected threat or threat actor.