Answering Big Questions With New Entity Types
Predict 21: The Intelligence Summit Register Today

Answering Big Questions With New Entity Types

December 18, 2013 • Chris

After recently announcing new Enterprise alerts, we’re back to introduce “entity type” queries for answering challenging web intelligence questions that cut across hundreds of thousands of entities at a time.

How would you go about identifying all of the people related to a particular subject or all of the companies reportedly affected by an APT or the group of cities where protests are planned for next weekend?

Recorded Future users can now design powerful queries for events involving any entity within an entity type. Categories include people, locations, companies, technologies, malware, and many more.

How to Search by Entity Type

To get your juices flowing, we’ve come up with a few example questions for which entity types (in italics) are useful:

  • What companies have been attacked by a particular threat actor?
  • In what cities are disease outbreaks occurring right now?
  • What hash values have been mentioned related to a high impact vulnerability?
  • Who are the people associated with peace negotiations in Burma?

Pak Map City Disease

Querying by entity type is a powerful method for achieving very targeted results as well as filtering out general discussion when you’re seeking particular kinds of relationships and event information.

In each of the examples above, consider what we’ve been able to quickly identify: corporate targets affected by the Syrian Electronic Army; city-level disease reporting without treatment or country-level discussion; technical information about a software vulnerability; and people specifically invested in a peaceful political outcome in Burma.

How Exactly Does This Work?

As we analyze text from the web, entities are identified by linguistic algorithms and tagged with a type. Certain entity types have a parent / child relationship – cities within countries within continents – while others are independent.

Search for events using entity types by opening the advanced query builder, selecting the Involving line, and then choosing from the “Type” categories. You can also simply enter the name of a category in the Involving field. The full list of available entity types is here.

Entity Type Search

What happens when you search and entity type? If you’re looking broadly for quotations about Products, results could include the iPad, Model S, Xanax, and Internet Explorer all in the same data set. Or ask for Armed Attack events in Karachi that mention a Region (neighborhood level) to only display those references that include the desired granularity of geo-information.

Ready to try it out? Fire up the how-to article on our support site and then login to Recorded Future.

New call-to-action

Related Posts

Using Intelligence to Prioritize AWS Guard Duty Alerts

Using Intelligence to Prioritize AWS Guard Duty Alerts

March 10, 2021 • Meghan McGowan

Security operations teams are inundated with alerts and threats making it difficult for them to...

Announcing Security Intelligence for Splunk — For Free

Announcing Security Intelligence for Splunk — For Free

February 23, 2021 • Ellen Wilson

Today, we’re thrilled to announce the launch of a free 30-day trial of our integration for Splunk...

Special Delivery: Recorded Future Hunting Packages

Special Delivery: Recorded Future Hunting Packages

September 25, 2019 • The Recorded Future Team

Quickly detecting and preventing malicious activity is imperative to effectively protecting your...