Applying Security Labels

Minimum Role: Organization role of Standard User or Community role of Contributor

Prerequisites: Security Labels must be configured by the owner’s System Administrator, Organization Administrator, or Community Editor or Director. See ThreatConnect System Administration Guide, ThreatConnect Organization Administration Guide, ThreatConnect Community and Source Administration Guide, and Creating Security Labels for more information.

Overview

Security Labels included in ThreatConnect^® provide a means to designate information stored within ThreatConnect as sensitive. ThreatConnect uses the Traffic Light Protocol (TLP) system published by the Forum of Incident Response and Security Teams™ (FIRST).

When sharing data with partners, or when copying data to and from Communities, Security Labels provide control over what is shared and allow the sharer to redact information based on Security Labels that are applicable to Indicators, Attributes, Groups, Tasks, Tracks, and Victims.

Applying a Security Label to an Object

1. Navigate to the Details screen for an Indicator, Group, or Victim. For instructions on accessing an object’s Details screen, see the “Viewing the Details Screen” section of The Details Screen.
2. On the Security Labels card, click the Choose Security Labels dropdown menu to display a multi-select list of Security Labels that you can apply to the object (Figure 1).

   

    

3. Select the checkbox(es) for the Security Label(s) you want to apply to the object.
4. After all desired Security Labels are selected, click theicon at the upper-right corner of the list (Figure 1). The selected Security Labels will be applied to the object and displayed in the Security Labels card (Figure 2).

   

    

ThreatConnect^® is a registered trademark of ThreatConnect, Inc.
Forum of Incident Response and Security Teams™ is a trademark of FIRST.ORG, Inc.

20018-01 v.07.A