This Torq workflow template, "Extract Multiple Observables with AI Task," is designed for case management and threat hunting. It uses AI to extract and classify various types of observables from raw text input, following the Open Cybersecurity Schema Framework (OCSF). The extracted data is returned in either a grouped or listed format, which simplifies adding this intelligence to cybersecurity cases or threat analysis processes.
Use Cases
Case Management, Threat Hunting
Workflow Breakdown
Select either a grouped or listed output.
The AI Task operator will extract and classify observables based on the OCSF schema.
Workflow Output
Observables extracted and classified into a grouped or listed format.
Tips
Iterate over the listed output to append each observable to a case.
Use Type and Sub-Type values to populate observable parameters.