Enrich the Nodes
When adding a node, you can enrich your data to expand your canvas further and contextualize your data. Intel Exchange automates the sources of enrichment to expand the graph and contextualization capabilities.
You can enrich your nodes by using the following:
CTIX enrichment
Third-party enrichment tools
Global filter
Steps
To enrich a node on the Threat Investigation canvas, follow these steps:
Right-click a node and select Enrich.
Select the enrichment tools that are available to enrich the selected object type. You can use the enrichment tools configured and enabled in Administration > Enrichment Management.
Click Enrich.
After a successful enrichment, double click the node and go to the Enrichments tab to view the enrichment details. You can also view the enrichment details in the Enrichment Details tab of the Threat Data object details.