Tutorials

Step-by-step walkthroughs that take you from start to finish on a complete task. Each tutorial is designed for learning — follow the steps in order.

| Tutorial | Description |
|---|---|
| Daily SOC Workflow | Check the research library, run AI research, curate, and push a live EDL |
| Production Scheduled Pipeline | Set up a long-running process with ingest, export, curation, and reporting jobs |
| Analyst Intelligence Workflow | Build a cross-platform evidence graph, run correlation and gap detection, produce a structured intelligence report, and publish to downstream consumers |
| XSOAR + ThreatQ + GreyMatter → Power BI | Runnable end-to-end investigation script: seed expansion across three platforms, graph materialisation, and Power BI xlsx export; supports --mock for dry runs without live credentials |
| Your First Rule | Create a minimal hypothesis evaluation rule, enable the engine, and see it fire |

Diataxis note: Tutorials are learning-oriented. If you already know what you want to do, see the How-to guides instead.

Licensed under the Apache License, Version 2.0