Define threat groupings
Define threat groupings as objects that have a shared context.
Before you begin
Role required: sn_ti.admin
Procedure
- Navigate to .
- Click New.
-
Complete the fields in the form as appropriate.
Field Description Name Enter a name to identify the threat grouping. Context A description of the particular context shared by the content referenced by the grouping. Source Specifies the threat source from which this record is created. Description A short description that provides details and context about the grouping. This includes its purpose and its key characteristics. Source ID Unique identifier for this object in the threat source. Created Time in Source Specifies the time the object is created in the source. Modified Time in Source Specifies the time the object is modified in the source. - Click Submit.
What to do next
Click any of the following related lists to view additional information about objects associated with the threat grouping.
| Related Links and Related Lists | Description |
|---|---|
| Show Relationships | Opens the STIX Visualizer where you can view the relationship of the STIX
object. Show Relationships appears only when the object has an associated object. |
| Grouped Objects | Lists objects grouped as part of the threat grouping. |
| Grouped Indicators | Lists indicators grouped as part of the threat grouping. |
| Grouped Observables | Lists observables grouped as part of the threat grouping. |