Cyware Enhances Threat Alert Contextualization with New 'Custom Fields' Capability

In cybersecurity, there is no one size fits all approach. To improve the process of creating Alerts based on an organization’s distinct requirements, the Cyware Situational Awareness Platform (CSAP) now provides the ability to add custom fields for creating threat alerts or sharing threat intelligence.

Why do we need to customize alerts and intel sharing?

Every organization has a different set of requirements based on its business operations, technology infrastructure, internal processes, and other factors.

• Keeping this in mind, this feature ensures that Admins are not limited to default fields and can create custom fields as per their requirements, thereby giving them the flexibility to design Alerts for their organization’s specific needs.

• It allows the inclusion of any kind of information in an Alert or Intel in CSAP. Thus, the feature can be used by security teams to provide additional context to threat alerts.

• As an example, a sectoral ISAC can use custom fields to contextualize their information sharing based on factors such as the type of application vulnerability, business units affected, scripts used, type of fraud, malware, etc.

How does it work?

• CSAP Admins can find Custom Fields under the Field Management section in the Settings module.

• Using this, Admins can create custom fields of various types such as textbox, single select dropdown, multi-select dropdown, or others.

• The custom fields can be mapped to a particular category and it can be used for both Alerts as well as intel submission.

The takeaway

Threat alerts and intel sharing help drive cyber situational awareness across different business units within an organization. With this new feature, CSAP allows security teams to further tweak this process according to their specific threat environment.