View Investigation Additional Enrichment Data

If the selected indicator is an IOC, you can see additional Threat Command enrichment data in the following tabs (shown only if they are relevant):

  • Related File Hashes temporary placeholder
  • WHOIS - Shows the WHOIS information.
  • CPEs - Shows information about the CPEs affected by the CVE.
  • Resolutions - Shows information for resolved IP address or domain:
    temporary placeholder
  • DNS - Shows information about the DNS entries:
    temporary placeholder
  • Subdomains - Shows additional subdomains.
  • Web Components temporary placeholder

On most of these tabs, you can download the information to a CSV file with the Export all link.