An overview of working with threat intel reports in Cortex XSOAR.
Threat Intel Reports gives you the ability to create, review, publish, and generate t threat intelligence reports.
Threat intel reports summarize and share threat intelligence research conducted within your organization by threat analysts and threat hunters. Threat intelligence reports help you communicate the current threat landscape to internal and external stakeholders, whether in the form of high-level summary reports for C-level executives, or detailed, tactical reports for the SOC and other security stakeholders.
If users are unable to see the Threat Intel page, ensure that users have access, by verifying that their user role is assigned the Threat Intel permission (Page Access).
The Threat Intel Reports page shows all the types of reports created, the Traffic Light Protocol, the status, and who created the report. You can do the following:
By default, users with Administrator or Analyst roles have read/write access to the reports themselves. When creating a report, you can restrict access to the report.
Enables you to create a PDF version of the report.
Once published, it creates a read-only version of the report for you to share.