Security Orchestration Use Case: Automating IOC Enrichment
Enrichment of indicators is one of the first tasks security teams perform during incident response. The challenges here are twofold. Firstly, the process of indicator enrichment is as repetitive as it is important. Analysts risk getting mired in this grunt-work while the attack continues to manifest. Secondly, isolated security tools result in a struggle to reconcile threat intelligence data across platforms to get an overall understanding of indicator malice....