Overview
More complete Dashboard than the Default one giving details on qualified Intelligence in the platform and letting experiment with more widgets and data sources.
A more complete Dashboard than the Default one giving more details about the qualified Intelligence in the platform and letting experiment with more widgets and data sources.
Composition
This Dashboard is full with various data visualizations providing different metrics and ways to understand the global threat landscape based on all the data on your platform.
The first rows of widgets let you quickly overview the “liveliness” of your knowledge base with global metrics about ingestion volume and also the subjects you should focus your investigations on: a surge in threat activity against a specific sectors, or a newly active threat!
Further down in the Dashboard are metrics ingested Reports, giving you a glimpse on hot topics but also identify most relevant sources. Some metrics are also displayed for Indicators, to give you an idea of who is helping you defend yourself and with what type of Indicators.
At last, a significant part of the Dashboard focus on a timeline of attack campaign, to quickly identify what is currently being investigated by the cybersecurity community.
Data prerequisites
As any Dashboard in OpenCTI, it relies on structured data. In order to work, your platform must have:
- relationships “targets” between threats and usual targets like sectors, countries, etc.
- relationships “uses” between threats and malware/tools, etc.
Depending on the way your data are structured, this dashboard might need some adjustments. Please contact Filigran on Slack if you need any help!