AI SOC Applications

ai soc includes the following applications you can find them in applications & applets after install each application defines a data model and record layout that organizes how you view and work with records signal triage (sig) application for managing security signals when you open a signal record, you'll see a controls area for sla tracking, claim , and re assign owner actions, along with panels for ai analysis, evidence, and triage fields threat intelligence (ti) application for storing observable enrichment results records display with an observable panel that anchors key fields, plus enrichment results and risk scores signal routing rules (rule) application for defining routing logic that maps signals to playbooks records use a tabbed layout for rule data and configuration knowledge base articles (kb) application for storing investigation guidance and procedures records use an article tab layout with a status toggle for enable/disable case management (case) application for managing escalated incidents records display with an activity timeline embedded at the top, plus fields for case details, evidence, and lifecycle tracking ai ingestion (ai) ai ingestion (ai) application for building and tracking alert ingestion configurations each record represents an ingestion setup (for example, vendor product, api specification uploaded, components generated) the custom widget guides you through creating connector components and ingestion pipelines; use the audit tab to review configurations and activity for the full workflow, see docid 0p9qwz3o 0j5dnkpjugmq these walkthroughs explain where to start in each application, which panels to prioritize when viewing records, and the actions to use for triage and investigation