The Intelligence Reports app allows you to leverage valuable indicators of potential threats from both curated intelligence reports and your custom intelligence reports.
 |
NoteThreat Intelligence Sweeping is available as a predefined model in the
Detection Model Management app. By default, this model is enabled. When
enabled, Trend Vision One generates alerts
for noteworthy events after parsing your event logs and matching the data against
intelligence
reports. To further check the alerts triggered by Threat Intelligence
Sweeping, go to Workbench.
|
Trend Vision One supports auto and manual
sweeping based on curated and custom intelligence to search your environment for indicators
of
compromise. If there are indicator matches, you can check the sweeping results for
further
investigation and analysis.
Moreover, Trend Vision One allows you to
leverage curated intelligence to search third-party data sources using STIX-Shifter
if you have
configured the required connection settings.