Contents x
Applying Security Labels
  • 16 Nov 2023
  • 2 Minutes to read
  • Print
  • Dark
    Light
Contents

Applying Security Labels

  • Updated on 16 Nov 2023
  • 2 Minutes to read
  • Print
  • Dark
    Light
Article summary

Overview

Security Labels provide a means to designate information stored within ThreatConnect® as sensitive. ThreatConnect uses the Traffic Light Protocol (TLP) system published by the Forum of Incident Response and Security Teams™ (FIRST).

When sharing data with partners, or when copying data to and from Communities, Security Labels provide control over what is shared and allow the sharer to redact information based on Security Labels that are applicable to Groups, Indicators, and Victims, as well as Attributes added to those object types.

Note
If you have two versions of the same Group—one in your Organization and another in a Community or Source—and each version has a different Security Label applied to it, then when you contribute the Group in your Organization into the existing Group in the Community or Source, the Security Label will be appended into the contribute operation, and both Security Labels will be applied to the Group in the Community or Source.

Before You Start

Minimum Role(s)Organization role of Standard User or Community role of Contributor
PrerequisitesSecurity Labels must be configured by the owner’s System Administrator, Organization Administrator, or Community Editor or Director. See ThreatConnect System Administration Guide, ThreatConnect Organization Administration Guide, ThreatConnect Community and Source Administration Guide, and Creating Security Labels for more information.

Applying Security Labels to Groups, Indicators, and Victims

New Details Screen

  1. Navigate to the Details screen for an Indicator or Group.
    Important
    The new Details screen is not currently available for Email, Signature, and Task Groups and for Victims. As such, you can apply Security Labels to these object types on the legacy Details screen only.
  2. On the Overview tab, click EditEdit button_Details card_Details screenat the top right of the Details card, or click on the Security Labels section of the Details card. The object’s Security Labels will now be editable (Figure 1).

    Figure 1_Applying Security Labels_7.1.0

     

    • Security Labels: Select one or more Security Labels from the multi-select dropdown.
    • Click the ConfirmConfirm icon_Details screenbutton at the top right of the Details card to apply the selected Security Label(s) to the object.

Legacy Details Screen

  1. Navigate to the legacy Details screen for an Indicator, Group, or Victim.
  2. Locate the Security Labels card on the left side of the screen (Figure 2). Figure 2_Applying Security Labels_7.1.0

     

    • Choose Security Labels: Select one or more Security Label(s) from the multi-select dropdown.
    • Click anywhere outside of the dropdown to apply the selected Security Label(s) to the object.

Applying Security Labels to Attributes

For instructions on applying Security Labels to Attributes, see the “Creating, Editing, and Deleting Attributes” section of Attributes.

ThreatConnect® is a registered trademark of ThreatConnect, Inc.
Forum of Incident Response and Security Teams™ is a trademark of FIRST.ORG, Inc.

20018-01 v.08.B

Was this article helpful?
Related articles
What's Next
Company
Sales and Support
Follow Us
© 2012–2023 ThreatConnect, Inc. All Rights Reserved.