Configure CSAP Features
Control and manage features that are made available to members in the Collaborate Member Portal as well as the Analyst Portal.
Steps
To configure the Collaborate features, follow these steps:
Go to Administration > Configuration and select Features.
Click Edit.
Choose and configure any of the following features:
Collaborate: This feature is available only for Cyware cloud-based deployments. Turn on or off the toggle to allow or block Collaborate in the Member Portal. Collaborate helps members interact with each other in real-time using Messenger or Collaborative Notes. By default, it is enabled.
Actions: Turn on the toggle to assign tasks to members, based on threat insights shared in alerts or as a course of normal security measures. By default, it is enabled.
Alert Delivery Options: Turn on the toggle to enable admins to select alert delivery options while adding members. These options include Member Portal, mobile, and email notification. By default, it is disabled.
Event Calendar: Turn on the toggle to allow members to access the event calendar. Turning on this feature also allows analysts to use Events as a category while creating alerts. By default, it is enabled.
Member Directory: Turn on the toggle to allow or block members to access the Member Directory. Member Directory includes information such as a member's name, job title, date joined, location, and organization. By default, it is enabled.
Request to Join: Turn on the toggle to allow or block members from requesting access to invite only groups that are relevant to them. By default, it is disabled.
RFI (Request For Information): Turn on the toggle to allow or block members to access the RFI module on the Member Portal. RFI helps members to get the required information collaboratively from members. By default, it is enabled.
Threat Assessment: Turn on the toggle to allow analysts to attach acknowledgment questions to alerts to get the status of the members impacted by a vulnerability, malware, or threat activity. Turning this on also allows members to respond to the threat assessment questions. By default, it is enabled.
Allowed Indicators: Turn on the toggle to allow members to view and use Indicators Allowed. By default, it is enabled.
ATT&CK Navigator: Turn on the toggle to enable the ATT&CK Navigator for both the Analyst and Member Portal. By default, it is enabled. In the Analyst Portal, the ATT&CK Navigator consists of the Alert, Intel, and TDL Heat Maps whereas in the Member Portal, only the Alert and TDL Heat Maps will be available.
The TDL Heat Map is available in Collaborate only if the Threat Defender Library feature is enabled.
Note
If the Threat Defender Library is enabled, TDL Heat Map will continue to be available in the ATT&CK Navigator even if this configuration is switched off.
Tag Library: Turn on the toggle to allow or block members from accessing the Tag Library module on the Member Portal. Using Tag Library, members can view all the tags present in the application. By default, it is enabled.
Survey Request: Turn on the toggle to allow or block members to create survey requests in the Member Portal. If you do not enable this, members can not create survey requests. By default, it is enabled.
Browser Extension: This feature is available only for Cyware cloud-based deployments. Turn on the toggle to allow or block intel submissions made by members through the Cyware Threat Intel Crawler browser extension. If you do not enable this, Cyware Threat Intel Crawler is not available to members. By default, it is enabled.
TLP Version: Select a TLP version for your Collaborate instance. Collaborate supports both TLP 1.0 and TLP 2.0. By default, TLP 1.0 is selected. Select the required TLP version from the drop-down. By default, TLP 1.0 is selected.
Click Update to save the changes.