The “Discarded Threats” page on the PreCrime Platform serves as a crucial component in maintaining the integrity of our digital threat monitoring process. This page displays a list of infrastructures that our purple team has thoroughly analyzed and concluded to represent no threat to our clients.
The primary purpose of this page is to provide transparency and maintain an organized record of all the infrastructures that have been investigated and found harmless.
Page Layout and Features
-
Discarded threats: Displays domains that have been reviewed by our team.
-
Search Functionality: Allows users to search through the list using domain names to find specific entries quickly.
-
Action Buttons:
-
Discard Permanently: Removes the infrastructure from our monitoring systems, signifying that it no longer needs to be revisited.
-
Report False Positive Negative: If you believe that an infrastructure listed as non-threatening might pose a threat, this option allows you to flag it. It will trigger a Slack message to the purple team. They will then take action and move it the the disrupted attack list.
-
-
Export Option: The ability to export the list as a CSV file, useful for reports or further analysis.
How to Use the Page
-
Navigating the List: Scroll through the list or use the pagination controls to view different entries.
-
Searching for an Infrastructure: Enter the domain or infrastructure name in the search bar to quickly locate specific entries.
-
Taking Action:
-
If you need to permanently remove an entry from the list, click Discard Permanently.
-
If you suspect that an entry may have been incorrectly marked as non-threatening, click Report False Positive to initiate a reevaluation.