Working with TISC Context

Zurich Security Management

Release

zurich

ft:locale

en-US

ft:publication_title

Zurich Security Management

ft:clusterId

security

bundleId

security

workflow

Technology

Working with TISC Context

Release version: Zurich

Updated July 31, 2025

1 minute to read

TISC context facilitates viewing threat intelligence data such as observables within the security incident response workspace.

This helps security analysts to detect, investigate, and respond to security incidents more effectively from the workspace.

TISC Context in Security Incident Response workspace allows the security analysts to add security incidents or observables to TISC Case(s) directly from the workspace, also view the enrichment results, and view observables related information which are related threat actors, attack patterns, campaigns, and so on.

Using this section, you can do the following:

Associate observables to a TISC case.
View associated observables information.
View observables enrichment results.

For more detailed information and procedure, see the following sections, and for more information on how the integration works between TISC and SIR workspaces, see TISC integration with SIR Workspace in Threat Intelligence Security Center.