Investigation Dashboard
Overview of all active investigations and evidence
Active Investigations
Recent Evidence
Investigations
Create and manage investigation cases
IOC Repository
Collect, categorize, and link indicators of compromise
TTP Observations
Map observed tactics, techniques, and procedures to MITRE ATT&CK
ATT&CK Coverage Heatmap
Infrastructure Tracking
Map adversary command & control and operational infrastructure
Malware Samples
Track malware samples, families, and analysis findings
Diamond Model Builder
Map evidence to Diamond Model vertices for structured analysis
Technical
Social-Political
Diamond Model Evidence Mapping
Event Timeline
Chronological view of all observed events across investigations
Link Analysis
Visual relationships between evidence, infrastructure, and actors
Drag nodes to rearrange. Colors: 🔴 IOCs, 🔵 TTPs, 🟣 Infrastructure, 🟠 Malware, ⚪ Cases
Attribution Matrix
Score and assess attribution confidence across evidence layers
Generate Report
Export investigation findings as structured intelligence report