Security Operations Integration - Sightings Search capability

Sightings Search capability accepts a set of observables, finds any integrations that support a Sightings Search, then executes these searches.

The Sightings Search capability has a workflow, Security Operations Integration - Sightings Search workflow, that executes the sightings search. This workflow accepts a list of observables, finds any implementing capabilities, creates the queries based on Sightings Search Configurations, and executes the searches based on the configured workflow. Once the search is complete a note is added to the incident Work notes.

Note: If no implementations are available, capability actions are not displayed in product menus.