Machine Learning Model Example

Use this example to create a phishing machine learning (ml) model in Cortex XSOAR.
In this example, we want to create a machine learning model for
using a
. The
manually classifies data as to Phishing, Spam and legit.
  1. From the
    New ML Model
    window, in the
    Incident type
    field, select
  2. In the
    Incident field
    , select the field which contains the label you want the model to train. Assume that the field which contains the type of the mail is called
    In the
    Field Values
    column, the following data is returned:
  3. Drag and drop the data from
    Field Values
    column into the relevant
  4. In the
    Argument mapping
    field keep the arguments as the default. We want the machine learning model to train on Email body, HTML and Subject.
  5. Click
    Start Training
    The model starts training and when successful returns the following information:
The returned data shows that it found 3 categories together with the percentage scores, which reflect the precision of the results.
You can now use the machine learning model in the
Phishing Investigation - Generic V2
playbook, in the Machine Learning page or in the War Room. For examples how to use it in the War Room, see Phishing Command Examples Using a Machine Learning Model.

Recommended For You