TLP Amber reports are finished intelligence reports, accessed with an Enterprise subscription within the platform, that provide a comprehensive breakdown of how to detect, counteract and monitor the activities of specific threat actors, and APT campaigns.

The reports provide more platform-specific context than our public research blogs are able to offer, and allow us to pass on intelligence and threat hunting techniques deemed too sensitive for the public sphere, where threat actors may have access to it.

TLP Amber reports contain links to queries, regex strings, feed data and sections on the specific actions that security teams need to take in the platform, to counteract emerging TTPs.

To access TLP Amber reports: