This site is scheduled for a small content update on Thursday, March 28th, between the hours of 8:00am and 12:00pm (noon) Pacific Time (Mar 28 15:00 – Feb 22 19:00 UTC). Access to this site may be slightly delayed during that time.

Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.
  • Madrid
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store

Security Operations Integration - Sightings Search capability

Log in to subscribe to topics and get notified when content changes.

Security Operations Integration - Sightings Search capability

The Sightings Search capability accepts a set of observables, finds any integrations that support a Sightings Search, then executes these searches.

The Sightings Search capability has a workflow, Security Operations Integration - Sightings Search workflow, that executes the sightings search. This workflow accepts a list of observables, finds any implementing capabilities, creates the queries based on Sightings Search Configurations, and executes the searches based on the configured workflow. Once the search is complete, a note is added to the incident Work notes including whether any sightings were found and if so, how many.

Note: To view Sightings Search Configurations, navigate to Security Operations > Integrations > Sightings Search Configurations.
Note: If no implementations are available, capability actions are not displayed in product menus.