Threat Intel Daily Brief
intel_daily_briefGenerate a local analyst threat brief from governed intel sources. Prioritize vulnerabilities using your inventory, EPSS threshold, and tenant profile for targeted response.
Instructions
Return a local analyst threat brief from governed intel sources.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| limit | No | Maximum packages/advisories to inspect, 1-500. | |
| packages | No | Optional inventory packages with purl or ecosystem/name/version objects for local matching. | |
| epss_threshold | No | Minimum EPSS probability for inventory-prioritized CVEs, 0-1. | |
| tenant_profile | No | Optional tenant profile with sectors and geos used to match campaign/ransomware inputs. | |
| kev_window_hours | No | KEV date_added lookback window, 1-168 hours. | |
| campaign_activity | No | Optional governed campaign activity items with sectors/geos and provenance for tenant-profile matching. | |
| ransomware_claims | No | Optional governed ransomware claim items with sectors/geos and provenance for tenant-profile matching. | |
| telemetry_indicators | No | Optional governed IoC observations with indicator, hit_count, source_url, license, fetched_at, and content_hash. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |