View Threat Intelligence Security Center home page
Use the TISC homepage, which is the landing page, to visualize threat intelligence-related data.
Before you begin
Role required: sn_sec_tisc.analyst
Procedure
-
Navigate to All > Workspaces > Threat Intelligence Security Center.
The TISC Home Page is displayed.
-
View the data in the different widgets on the TISC homepage.
The homepage view consists of three different tabs: Feeds Overview, Trending Threats, and Intelligence Sharing. The content on the homepage comes from various sources such as observables, indicators, and data feeds.
-
Feeds Overview: This tab provides a high-level overview of the sources from which data is ingested and the sources that are configured for data ingestion.

Table 1. Feeds Overview

| Widget Name | Description | Action |
| --- | --- | --- |
| Number of Sources | Displays the number of sources by status such as draft, enabled, and disabled in the system. | When this widget is clicked, the list page is opened with the filtered records. |
| Active Sources by Source Type | Displays the distribution of active sources by source type. | When this widget is clicked, the list page is opened with the filtered records. |
| Active Sources by Feed Format | Displays the number of enabled sources by Feed Type. | When this widget is clicked, the list page is opened with the filtered records. |
| Total Active Observables (30 days) | Displays the top 10 sources by volume of intelligence records that were created in the last 30 days. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Active Observables by Type | Displays the top total volume of observable aggregates that were created in the last 30 days. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Active Indicators by Pattern Type | Displays the total volume of Indicator aggregates by pattern type that were created in the last 30 days. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Total Active Indicators (30 days) | Displays the total volume of indicator aggregates that were created in the last 30 days. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Top Sources by False Positives Count (30 days) | Displays the total volume of False Positive observables that were created in the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |

-
Trending Threats: This tab provides a high-level overview of the trending threats.

Table 2. Trending Threats

| Widget Name | Description | Action |
| --- | --- | --- |
| Latest Reports (Top 10) | Displays the list of reports and links: top 10 ordered by published date. | When this widget is clicked, the list page is opened with the filtered records. |
| Latest RSS Feeds (Top 10) | Displays the list of RSS feeds and links: top 10 ordered by published date. | When this widget is clicked, the list page is opened with the filtered records. |
| Active Observables by Threat Score Range (30 days) | Displays the count of observables that were created in the last 30 days, distributed by Threat Score range. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Active Observables by Reputation (30 days) | Displays the count of observables that were created in the last 30 days, distributed by Reputation. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Top tags (30 Days) | Displays the top tags on the records created in the last 30 days based on the frequency of usage. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |
| Most Targeted Sectors (30 days) | Displays the top 10 sectors ranked by activities reported that were created in the last 30 days. | When this widget is clicked, the KPI details page of the widget for the selected filter is opened in a new tab. |

-
Intelligence Sharing: This tab provides a high-level overview of intelligence sharing.

Table 3. Intelligence Sharing

| Widget Name | Description | Action |
| --- | --- | --- |
| Inbound Intel - Record Count (30 days) | Displays the number of inbound intel records received in the last 30 days, categorized by type (Observable, Object, Indicator). | When this widget is clicked, the list page is opened with the filtered records. |
| Outbound Intel - Record Count (30 days) | Displays the number of outbound intel records shared in the last 30 days, categorized by type (Observable, Object, Indicator). | When this widget is clicked, the list page is opened with the filtered records. |
| Inbound Intel - Distribution by Status (30 days) | Displays the distribution of inbound intelligence records by status over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Outbound Intel - Distribution by Status (30 days) | Displays the distribution of outbound intelligence records by status over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Inbound Intel - Top Sharing Profile (30 days) | Displays the top profiles based on inbound intel received over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Outbound Intel - Top Shared Profile (30 days) | Displays the top profiles based on outbound intel shared over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Inbound Intel - Most Shared Types (30 days) | Displays the most frequently received intel types (Object, Indicator, Observable) over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Outbound Intel - Most Shared Types (30 days) | Displays the most frequently shared intel types (Object, Indicator, Observable) over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Inbound Intel - Distribution by Format (30 days) | Displays the format distribution (e.g., MISP, STIX) of inbound intel over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |
| Outbound Intel - Distribution by Format (30 days) | Displays the format distribution (e.g., MISP, STIX) of outbound intel over the last 30 days. | When this widget is clicked, the list page is opened with the filtered records. |