Working with TISC Context

  • Release version: Australia
  • Updated April 16, 2026
  • 1 minute to read

    • TISC context facilitates viewing threat intelligence data such as observables within the security incident response workspace.

    Security analysts can detect, investigate, and respond to security incidents more effectively from the workspace.

    TISC Context in Security Incident Response Workspace allows security analysts to add security incidents or observables to TISC cases directly from the workspace. You can also view enrichment results and observables related information such as threat actors, attack patterns, and campaigns.

    Using this section, you can do the following:
    1. Associate observables to a TISC case.
    2. View associated observables information.
    3. View observables enrichment results.
    For more detailed information and procedures, see the following sections. For more information on how the integration works between TISC and Security Incident Response Workspace, see TISC integration with SIR Workspace in Threat Intelligence Security Center.