Manage groups

  • Freigeben Version: Australia
  • Aktualisiert 12. März 2026
  • 1 Minute Lesedauer

    • Manage the groups that have been imported from the MITRE TAXII collections. Groups are sets of related intrusion activity that are tracked by a common name in the security community. Analysts track clusters of activities using various terms such as threat groups, activity groups, threat actors, intrusion sets, and campaigns. In STIX, groups are known as intrusion sets.

    Vorbereitungen

    Role required:
    • sn_ti.admin: delete access
    • sn_ti.read: read access
    • sn_ti.write: create, write access

    Prozedur

    1. Navigate to All > Threat Intelligence > MITRE ATT&CK Repository > Groups.
      You can view the listed groups.
    2. Click a group to view all the associated information.
      In the following illustration, you can view the details for the Ajax Security Team group, its ID, source, and other related information.View details for the group and other related information.
    3. To view how these objects are related, click Show Relationships.
      Hinweis:
      To associate the threat groups to a security case for deeper investigation, click Add to Security Case.

    Nächste Maßnahme

    Use the techniques module to add or modify the groups data.