SOC.OS enriches alert data with lookups from third-party sources, including AbuseIPDB and AlienVault OTX
Once received, alert data is cleansed and parsed, and the MITRE ATT&CK® technique associated with the alert is identified. Alerts are then enriched with threat intelligence from AbuseIPDB and AlienVault OTX (Open Threat Exchange), giving the analyst the context needed to make data-driven remediation decisions quickly and effectively.
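The following is an added example of the kind of pipeline described above (parse, tag with ATT&CK, enrich with third-party IP reputation, prioritise); it is illustrative code written for this page, not SOC.OS's implementation. The key="value" alert format, the rule-to-technique table, the triage thresholds and the sample data are all constructed assumptions. The AbuseIPDB and OTX request and response shapes follow those services' public APIs as documented, but the lookups are injected as callables and the shipped stand-ins return canned responses, so the example runs offline without API keys.

```python
"""Alert enrichment sketch: parse -> ATT&CK tag -> third-party IP lookups -> priority.
Added example, not SOC.OS code; alert format, ATT&CK table and thresholds are assumed."""
import ipaddress
import re
from typing import Any, Callable, Dict, List

KV_RE = re.compile(r'(\w+)="([^"]*)"')  # assumed key="value" alert line format
ATTACK_MAP = {"Multiple failed SSH logins": "T1110"}  # assumed rule -> technique (T1110: Brute Force)
# Internal, loopback and link-local addresses are never sent to a third party:
# they have no reputation and the query would leak internal topology.
SKIP_NETS = [ipaddress.ip_network(n) for n in
             ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]
Lookup = Callable[[str], Dict[str, Any]]


def parse_alert(raw: str) -> Dict[str, str]:
    """Cleanse and parse one raw alert line into a flat dict."""
    return dict(KV_RE.findall(raw.strip()))


def lookup_candidates(alert: Dict[str, str]) -> List[str]:
    """Public IPv4 addresses in the alert, deduplicated, in field order."""
    out: List[str] = []
    for value in alert.values():
        try:
            ip = ipaddress.ip_address(value)
        except ValueError:
            continue
        if ip.version == 4 and not any(ip in n for n in SKIP_NETS) and value not in out:
            out.append(value)
    return out


def abuseipdb_request(ip: str, api_key: str) -> Dict[str, Any]:
    """Request shape for AbuseIPDB's v2 check endpoint (built, not sent)."""
    return {"url": "https://api.abuseipdb.com/api/v2/check",
            "params": {"ipAddress": ip, "maxAgeInDays": 90},
            "headers": {"Key": api_key, "Accept": "application/json"}}


def otx_request(ip: str, api_key: str) -> Dict[str, Any]:
    """Request shape for the OTX IPv4 general endpoint (built, not sent)."""
    return {"url": f"https://otx.alienvault.com/api/v1/indicators/IPv4/{ip}/general",
            "headers": {"X-OTX-API-KEY": api_key}}


def normalize_abuseipdb(resp: Dict[str, Any]) -> Dict[str, Any]:
    """Keep the fields an analyst acts on from an AbuseIPDB check response."""
    d = resp.get("data", {})
    return {"score": int(d.get("abuseConfidenceScore", 0)), "reports": int(d.get("totalReports", 0))}


def normalize_otx(resp: Dict[str, Any]) -> Dict[str, Any]:
    """Keep pulse count and names from an OTX general response."""
    pulses = resp.get("pulse_info", {}).get("pulses", [])
    return {"pulses": len(pulses), "names": [p.get("name") for p in pulses]}


def enrich(raw: str, lookups: Dict[str, Lookup]) -> Dict[str, Any]:
    """Parse, tag with ATT&CK, enrich each public IP, and assign a priority."""
    alert = parse_alert(raw)
    result: Dict[str, Any] = {"alert": alert, "intel": {},
                              "attack_technique": ATTACK_MAP.get(alert.get("rule", ""), "unmapped")}
    worst, any_pulses = 0, False
    for ip in lookup_candidates(alert):
        intel: Dict[str, Any] = {}
        for name, fn in lookups.items():
            try:
                intel[name] = fn(ip)
            except Exception as exc:  # a failing provider must not drop the alert
                intel[name] = {"error": str(exc)}
        result["intel"][ip] = intel
        worst = max(worst, intel.get("abuseipdb", {}).get("score", 0))
        any_pulses = any_pulses or intel.get("otx", {}).get("pulses", 0) > 0
    # Assumed triage thresholds; tune to the environment.
    result["priority"] = "high" if worst >= 75 else "medium" if worst >= 25 or any_pulses else "low"
    return result


# Constructed offline stand-ins returning the providers' real response shapes.
FAKE_ABUSEIPDB = {"203.0.113.7": {"data": {"abuseConfidenceScore": 100, "totalReports": 412}}}
FAKE_OTX = {"203.0.113.7": {"pulse_info": {"count": 1,
                                           "pulses": [{"name": "SSH brute-force scanners (constructed)"}]}}}
OFFLINE_LOOKUPS: Dict[str, Lookup] = {
    "abuseipdb": lambda ip: normalize_abuseipdb(FAKE_ABUSEIPDB.get(ip, {})),
    "otx": lambda ip: normalize_otx(FAKE_OTX.get(ip, {})),
}
SAMPLE_ALERT = 'ts="2024-03-01T10:00:00Z" rule="Multiple failed SSH logins" src="203.0.113.7" dst="10.0.0.5"'

if __name__ == "__main__":
    import json
    print(json.dumps(enrich(SAMPLE_ALERT, OFFLINE_LOOKUPS), indent=2))
```

Two design points matter in practice: private, loopback and link-local addresses are filtered before any lookup, because querying them tells the third party about your internal addressing and returns nothing useful; and a provider error (timeout, rate limit, bad key) is recorded against that provider rather than raised, so an enrichment outage degrades the context rather than dropping the alert. To go live, replace the two lambdas in OFFLINE_LOOKUPS with functions that send the dicts built by abuseipdb_request and otx_request and pass the JSON body through the matching normalize_ function.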
Click the video below for a walkthrough of accessing enrichments on an example cluster.