TIP Quick Start

This section describes how to use the TIP module to investigate threats and IOCs (indicators of compromise) in the fastest way.

Before you begin, ensure that IOC sources are defined, as described in TIP Sources. This is normally performed by the Threat Command administrator.

  1. Log in at https://dashboard.ti.insight.rapid7.com.
    For more information, see Log in to Rapid7 Threat Command.
  2. From the main menu, choose TIP > Investigation.
  3. Type a valid search term.
    The search term must be a valid IOC.

Investigated threats are displayed in the TIP IOCs page.

Where to go from here

  • For more information about investigating threat terms, see Investigation.
  • For more information about TIP sources, see TIP Sources.