Manage groups

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:1分

    • Manage the groups that have been imported from the MITRE TAXII collections. Groups are sets of related intrusion activity that are tracked by a common name in the security community. Analysts track clusters of activities using various terms such as threat groups, activity groups, threat actors, intrusion sets, and campaigns. In STIX, groups are known as intrusion sets.

    始める前に

    Role required:
    • sn_ti.admin: delete access
    • sn_ti.read: read access
    • sn_ti.write: create, write access

    手順

    1. Navigate to All > Threat Intelligence > MITRE ATT&CK Repository > Groups.
      You can view the listed groups.
    2. Click a group to view all the associated information.
      In the following illustration, you can view the details for the Ajax Security Team group, its ID, source, and other related information.View details for the group and other related information.
    3. To view how these objects are related, click Show Relationships.
      注:
      To associate the threat groups to a security case for deeper investigation, click Add to Security Case.

    次のタスク

    Use the techniques module to add or modify the groups data.