Command Center

Entities by status

Remediation counts for your selected organization

Loading…

Entities by type

Distribution across entity types

Loading…

Add Entity to Database

Choose a type and display name; optional metadata and links below.
Metadata
Relationships
Selected:
Selected:

Bulk import entities

Paste a JSON array or a comma-separated list. Each item is sent to the entities API. Optionally link all created rows to a threat actor, detection, or ransomware group.
Import as
JSON format

Submit an array of objects. Required: entity_type, natural_key. All other fields optional.

[
  {
    "entity_type": "hash",
    "display_name": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "natural_key": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "description": "Malware sample",
    "risk_score": 10.00
  }
]

Valid entity_type: victim, host, user, process, ip, domain, url, hash, email, file, registry, service, container, account, certificate, cve, phishing, yara, browser_extension

Tip: You can ask an assistant to convert a CSV to this JSON using the example above.

For a comma list you must pick the entity type for every value. Each value becomes natural_key and display_name.

Separate with commas; newlines are allowed. Empty entries are ignored.

Link all created entities to (optional)

After each entity is created, optional links are applied. Search by name or enter IDs. You can set a default source and link URL for every row.

Detections
Rules · Analytics · Findings