Knowledge DB

Applies to Product: USM Appliance™ LevelBlue OSSIM®

Some built-in correlation directives also include a link that points to a document in the LevelBlue Knowledge Base (Configuration > Threat Intelligence > Knowledge Base). The Knowledge Base contains vendor provided information on a vulnerability or knowledge from the information security community. It provides suggestions to security analysts and incident response teams on where to look for information about an activity or an attack.

To read the document linked to the directive

  • Expand the Knowledge DB option, and then click the title of the document.

For example, the following directive, which detects an exploit in Internet Explorer, includes a Knowledge Base document that describes the exploit and where to find more information about the exploit.

Knowledge Base page from Threat Intelligence.