Maltiverse Threat Intelligence Platform offers a powerful feature known as the Scoring Algorithm, which is available for Enterprise customers. This customizable, rule-based scoring algorithm is pivotal in evaluating and managing the threat intelligence data uploaded by the customer. A key component of this algorithm is the concept of “Affected Indicators,” which we will explore in this article.
Understanding “Affected Indicators”
Definition
“Affected Indicators” refer to the set of IoCs that match the query of a scoring rule. These IoCs are directly impacted by the actions defined in the rule’s action stack, and the set changes over time.
Visualization in Maltiverse
“Affected Indicators” are prominently displayed in two areas within the Maltiverse platform:
- Scoring Rule Dashboard:
  - In this table, each scoring rule is listed along with various details.
  - The “Affected Indicators” for each rule are shown as a count in a dedicated column.
  - This count gives a quick overview of how many IoCs are currently impacted by the rule.
- Individual Rule View:
  - Within each rule’s detailed view, there is a tab labeled “Affected IoCs.”
  - This tab not only displays the count of affected IoCs but also provides a browsable, paginated list of these IoCs.
  - Users can navigate through this list to examine each affected IoC in detail.
Interacting with Affected Indicators
- Analysis: Users can analyze the listed IoCs to understand why they were matched by the rule and the implications of the applied actions.
- Modification: Based on this analysis, users can modify the rule’s query or action stack to refine their threat intelligence process.
- Tracking Changes: Over time, as the threat landscape evolves, users can track how the number and nature of affected IoCs change in response to their rule adjustments.
Conclusion
The “Affected Indicators” feature in Maltiverse’s Scoring Algorithm is a crucial tool for users to manage and refine their scoring rules effectively, providing a clear view of the IoCs impacted by specific rules and allowing for in-depth analysis and modification.