TISC Library Repository Release version: Zurich Updated July 31, 2025 1 minute to readIoC repository contains STIX objects, each of these objects contain a specific piece of information. ObservablesObservables represent stateful properties (such as the MD5 hash of a file or the value of a registry key) or measurable events (such as the creation of a registry key or the deletion of a file) that are pertinent to the operation of computers and networks.IndicatorsIndicators are artifacts observed on a network or operating system that are likely to indicate an intrusion. Typical IoCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs, or domain names.Threat EntitiesThe Threat Entities module provides structured records used to manage threat intelligence objects in the TISC. These records align with STIX domain object concepts and help standardize how threat activity is documented and analyzed.Other ObjectsDefine and manage data classifications within TISC.Vulnerability ArtifactsA Vulnerability is a weakness or defect in a software or hardware component that attackers exploit. Vulnerabilities apply for STIX 2.x.View RSS FeedsA threat intelligence feed is a real-time, continuous data stream that gathers information related to cyber risks or threats. RSS Feeds provide an easy way to stay up to date with your favorite websites, such as blogs or latest cyber security news.Working with Reports in TISCThe Reports module in the Threat Intelligence Library section enables you to create, manage, and publish reports that use any intelligence available in the Threat Intelligence Library.MITRE-ATT&CK RepositoryThe MITRE-ATT&CK repository is available under the Intelligence Library where the data from the MITRE sources are ingested.Relationships ObjectsUse the relationships objects to link together two observables or an observable and SDO to explain how they relate to each other.Potential RelationshipsThe application uses automated correlation to establish potentially possible relationships between two SDOs, two Observables or an observable and SDO.Vulnerability relationship mappingUse many-to-many (M2M) relationship records to map connections between vulnerabilities and other entities.Related conceptsUnderstanding the Data ModelTISC Library Objects form viewAccess Vulnerability Downstream actionsAutomated CorrelationRelated tasksDeleting threat intelligence library recordsExport intelligence dataConfirm Potential Relationships from Related Records
TISC Library Repository Release version: Zurich Updated July 31, 2025 1 minute to readIoC repository contains STIX objects, each of these objects contain a specific piece of information. ObservablesObservables represent stateful properties (such as the MD5 hash of a file or the value of a registry key) or measurable events (such as the creation of a registry key or the deletion of a file) that are pertinent to the operation of computers and networks.IndicatorsIndicators are artifacts observed on a network or operating system that are likely to indicate an intrusion. Typical IoCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs, or domain names.Threat EntitiesThe Threat Entities module provides structured records used to manage threat intelligence objects in the TISC. These records align with STIX domain object concepts and help standardize how threat activity is documented and analyzed.Other ObjectsDefine and manage data classifications within TISC.Vulnerability ArtifactsA Vulnerability is a weakness or defect in a software or hardware component that attackers exploit. Vulnerabilities apply for STIX 2.x.View RSS FeedsA threat intelligence feed is a real-time, continuous data stream that gathers information related to cyber risks or threats. RSS Feeds provide an easy way to stay up to date with your favorite websites, such as blogs or latest cyber security news.Working with Reports in TISCThe Reports module in the Threat Intelligence Library section enables you to create, manage, and publish reports that use any intelligence available in the Threat Intelligence Library.MITRE-ATT&CK RepositoryThe MITRE-ATT&CK repository is available under the Intelligence Library where the data from the MITRE sources are ingested.Relationships ObjectsUse the relationships objects to link together two observables or an observable and SDO to explain how they relate to each other.Potential RelationshipsThe application uses automated correlation to establish potentially possible relationships between two SDOs, two Observables or an observable and SDO.Vulnerability relationship mappingUse many-to-many (M2M) relationship records to map connections between vulnerabilities and other entities.Related conceptsUnderstanding the Data ModelTISC Library Objects form viewAccess Vulnerability Downstream actionsAutomated CorrelationRelated tasksDeleting threat intelligence library recordsExport intelligence dataConfirm Potential Relationships from Related Records