The Hybrid Analysis application is part of an open online community in which users analyze files and URLs for threats. You share results and utilize research from the community for more effective incident responses. When integrated with the ServiceNow AI Platform Security Operations product, the shared threat intelligence provides you with additional insight into the severity of specific observables.

The flow checks for new observables as they arrive in security incidents. If the observables are of a type recognized by the API integration, the observables are evaluated. Observables determined to be malicious are tagged.