Documentation rendue
Cette page rend le Markdown et Mermaid du module directement depuis la source publique de documentation.
Overview#
The Campaign domain provides functionality for managing and tracking coordinated sets of malicious activities or threat operations. Campaign profiles represent structured intelligence about organized cyber operations involving multiple threat actors, attack patterns, tools, and objectives working toward common goals.
Key Features#
- Campaign profile management with objectives, associated actors, and references
- Multi-tier access control with tenant, organization, secrecy level, and country restrictions
- Investigation linking for associating campaigns with active investigations
- Graph-based relationship modeling for campaign-to-actor and campaign-to-target connections
- Dual naming convention support for frontend (camelCase) and backend (snake_case) compatibility
- Threat level and secrecy level classification with enum validation
- Automatic metadata assignment including tenant and organization context
- Superuser bypass for cross-tenant analysis workflows
Use Cases#
- Tracking Advanced Persistent Threat (APT) campaigns across organizations
- Documenting ransomware campaigns with associated threat actors and objectives
- Linking campaign intelligence to ongoing investigations for contextual analysis
- Cross-campaign correlation for identifying shared tactics and infrastructure
Integration#
Integrates with investigations for contextual linkage, threat actor profiles for attribution, and the graph database for relationship traversal and campaign visualization.
Last Reviewed: 2026-02-05