With cyberattacks and the skills gap getting worse, SOCs can no longer afford to have analysts manually coordinate contextual data. Many analysts personally copy-and-paste domains and IPs hundreds of times per day in order to check their reputation. D3’s integration with MISP enables automated enrichment of D3 incidents with MISP’s open-source threat intelligence for rapid assessment of threats.