Manage groups

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Manage the groups that have been imported from the MITRE TAXII collections. Groups are sets of related intrusion activity that are tracked by a common name in the security community. Analysts track clusters of activities using various terms such as threat groups, activity groups, threat actors, intrusion sets, and campaigns. In STIX, groups are known as intrusion sets.

    Avant de commencer

    Role required:
    • sn_ti.admin: delete access
    • sn_ti.read: read access
    • sn_ti.write: create, write access

    Procédure

    1. Navigate to All > Threat Intelligence > MITRE ATT&CK Repository > Groups.
      You can view the listed groups.
    2. Click a group to view all the associated information.
      In the following illustration, you can view the details for the Ajax Security Team group, its ID, source, and other related information.View details for the group and other related information.
    3. To view how these objects are related, click Show Relationships.
      Remarque :
      To associate the threat groups to a security case for deeper investigation, click Add to Security Case.

    Que faire ensuite

    Use the techniques module to add or modify the groups data.