NLAfiligran
## Use case
For infrastructure tracking purposes, we need to be able to query specific patterns. Example of patterns: page.title:"Notion Desktop App for Mac & Windows" NOT page.domain:notion.so https://urlscan.io/search/#page.title%3A%22Notion%20Desktop%20App%20for%20Mac%20%26%20Windows%22%20NOT%20page.domain%3Anotion.so This...
## Use case
For infrastructure tracking purposes, we need to be able to query specific patterns. Example of patterns: entity:url ( exact_path:/profile/ OR exact_path:/profile1/ OR exact_path:/buy/ ) response_code:503 header_value:"LiteSpeed" NOT...
Ensure sufficient context is sent to Splunk to enable SOC analysts to properly qualify alerts. In some organizations, it can be challenging to change SOC analysts' workflows and require them...
Original format. But when exporting to PDF, the format is broken.
Be able to select a specific set of indicators (e.g. associated to a threat actor of interest) and send them to Splunk by API to search for any matches across...
Be able to have the context of a TTP extracted automatically from the text and added to the TTP. For example, in this [report](https://cloud.google.com/blog/topics/threat-intelligence/fin7-phishing-lnk/): FIN7 uses PowerShell. Would be...
Create Microsoft Defender Threat Intelligence connector