Knogin
[Developers]

Profile Export and Sharing

A financial intelligence unit prepares a referral package for law enforcement. They need the suspect's full profile, associated evidence, a relationship map, a chronological timeline, and a chain-of-custody record, forma

Back to All Modules
Category: InvestigationLast Updated: Feb 5, 2026
investigationreal-timecomplianceblockchain

Overview#

A financial intelligence unit prepares a referral package for law enforcement. They need the suspect's full profile, associated evidence, a relationship map, a chronological timeline, and a chain-of-custody record, formatted for submission and protected against unauthorised forwarding. Across the room, an analyst from a partner agency needs read-only access to the same profile for a concurrent investigation, but must not see certain restricted fields.

The Profile Export and Sharing module handles both requirements. It provides multi-format export with field-level redaction and dynamic watermarking, alongside collaborative case workspaces with granular permission controls, giving organisations precise authority over how profile intelligence is distributed and who can see what.

Open Standards#

  • OASIS STIX 2.1 / TAXII 2.1: Profile intelligence exports natively as STIX 2.1 bundles (Structured Threat Information eXpression), and the platform polls or serves feeds over TAXII 2.1 collection endpoints for interoperability with threat intelligence platforms and information-sharing organisations.
  • ISO 19005 (PDF/A) Parts 1, 4: Document exports generate court-admissible, archival PDF files conforming to ISO 19005-1 (PDF/A-1B), ISO 19005-2 (PDF/A-2B), ISO 19005-3 (PDF/A-3B), and ISO 19005-4 (PDF/A-4F), satisfying long-term preservation and legal discovery requirements.
  • RFC 3161 (Internet PKI Time-Stamp Protocol): Exported packages optionally include a cryptographic timestamp token from a trusted Time-Stamp Authority, providing tamper-evident proof of the time of export for chain-of-custody and legal proceedings.
  • MISP Core Format: Profile data exports conform to the MISP (Malware Information Sharing Platform) event and attribute format, enabling direct ingestion by partner MISP instances and compatible analysis platforms.
  • NIEM 6.0 (National Information Exchange Model): Structured incident and profile data exports to law enforcement and public-safety systems use NIEM 6.0 JSON-LD payloads, including geographic coordinate elements and standardised namespace contexts.
  • EDRM (Electronic Discovery Reference Model) XML: Profile and evidence packages export in EDRM 1.2 XML for legal discovery workflows, providing a standardised document container accepted by e-discovery review platforms.
  • JSON Web Token (RFC 7519): Time-limited sharing links and portal session credentials are issued as signed JWTs, carrying audience-scoped claims that enforce access-level restrictions, expiry, and forwarding controls without a round-trip to the issuing service.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Key Features#

  • Multi-Format Export Engine: Profiles export in structured data formats (JSON, XML, YAML), tabular formats (CSV, Excel), document formats (PDF, Word, HTML), threat intelligence formats (STIX, MISP), and graph formats (GraphML, Cytoscape) with format-specific configuration options.
  • Case Workspace Collaboration: Multi-investigator case workspaces enable real-time profile sharing, document collaboration, annotation, threaded discussions, task assignments, and timeline integration with role-based access controls.
  • Secure Sharing Controls: Granular permission management includes access level configuration, expiration dates, maximum access counts, IP whitelisting, MFA requirements, and forwarding restrictions for controlled profile distribution.
  • Content Protection: Dynamic watermarking with recipient tracking, download and print restrictions, field-level redaction, and encryption protect sensitive profile content during distribution and prevent unauthorised data leakage.
  • Batch Export: Multiple profiles export simultaneously with progress tracking, estimated completion times, and configurable delivery methods including direct download, email, secure file transfer, and cloud storage.
  • Custom Export Templates: Reusable export templates with format configurations, field selections, and delivery preferences enable standardised recurring exports for compliance reporting and data sharing workflows.
  • Scheduled Recurring Exports: Automated export schedules generate and deliver profile data packages at configurable frequencies for ongoing regulatory reporting and partner data sharing requirements.
  • Evidence Chain Integration: Exported profiles include associated evidence, documents, annotations, and timeline events with chain-of-custody tracking for legal proceedings and regulatory submissions.
  • Access Monitoring: Complete tracking of all export and sharing activities logs who viewed, downloaded, or forwarded shared profiles, with suspicious activity detection and alerting.

Use Cases#

  • Regulatory Filing: Compliance teams export profile data in regulatory-required formats for SAR filings, sanctions reporting, and examination responses with appropriate classification markings and audit trails.
  • Law Enforcement Case Referrals: Complete profile packages with evidence documentation, relationship maps, and timeline data are securely shared with law enforcement agencies through encrypted, watermarked exports.
  • Multi-Agency Investigation Coordination: Case workspaces enable investigators across organisations to collaborate on shared profiles with role-based visibility controls, annotation capabilities, and coordinated task management.
  • Threat Intelligence Sharing: Profile data exports in STIX and MISP formats enable threat intelligence sharing with industry partners, information sharing organisations, and analysis platforms.
  • Legal Discovery Response: Profile exports with complete audit trails, access histories, and chain-of-custody documentation satisfy legal discovery requirements with court-admissible formatting.
  • Executive Reporting: Formatted PDF and document exports with embedded visualisations, risk summaries, and relationship diagrams support executive briefings and board-level reporting requirements.

Integration#

The Profile Export and Sharing module integrates with the platform's profile management, case management, evidence management, and reporting systems. Export capabilities connect to external document management systems, threat intelligence platforms, and legal discovery tools. Case workspaces synchronise with investigation interfaces, and sharing controls integrate with enterprise identity providers for authentication and access management. Collaboration notifications deliver through email and messaging platform integrations.

Ready to Build?

Get started with our APIs or contact our integration team for support.