ITDR

Viewing ThreatParse Details

ThreatParse is a technology that reconstructs attacks in natural language by summarizing log information and translating it into plain English. It also links this information to the MITRE ATT&CK framework and includes the risk scores assigned to attackers. The information on the ThreatParse details page helps your analysts understand what the attacker is trying to accomplish, so they can prioritize the most pressing threats first and take the necessary actions to stop lateral movement.

You can access the ThreatParse details page from the extended details page and view a list of threats associated with the entity along with their risk scores.

For each threat, you can view information such as:

  • A detailed description of each threat
  • Attack examples
  • Attack mitigations
  • MITRE ATT&CK ID
  • MITRE ATT&CK tactic
  • Event occurrence summary
  • Important information about the attacker (e.g., the username and password the attacker submitted)
