Prompt engineering: conduct a Diamond Model of Intrusion Analysis



The Diamond Model of Intrusion Analysis is a widely used framework in cybersecurity to analyze adversary behaviors, infrastructure, and victimology during successful and attempted attacks. However, manually extracting and structuring information from threat reports can be time-consuming.

With Feedly Ask AI, analysts can now generate a diamond model analysis with a simple AI Prompt—helping teams quickly visualize threats and identify key attack patterns based on select reporting.

This article will show you how to run the prompt on a single article or multiple articles about the same attack.

Ask AI Prompt

 
Lead Threat Intelligence Analyst
 

 
Conduct a Diamond Model of Intrusion Analysis that contains all pertinent information from this report. Additionally, provide the information so that an analyst can create an image of the diamond model to depict key findings.
 

 
- Extract detailed technical information from the report  
- Structure findings based on the diamond model framework  
- Ensure all elements (Adversary, Infrastructure, Capabilities, Victimology) are included  
- Provide accurate and actionable intelligence  
- Include citations and references where applicable
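
One way to check a saved response against the requirements above before it goes into a report. This is an added example, not Feedly code: the response layout (a heading per vertex, bullet findings, bracketed numeric citations indexing the selected articles), the function names, and the sample text are all assumptions constructed for illustration.

```python
import re

# The four vertices the prompt requires, as named on this page.
VERTICES = ("Adversary", "Infrastructure", "Capabilities", "Victimology")
CITATION = re.compile(r"\[(\d+)\]")  # assumed in-line citation style, e.g. [3]

def parse_response(text):
    """Group bullet findings under the vertex heading they appear beneath."""
    findings = {v: [] for v in VERTICES}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        heading = line.lstrip("#").strip().rstrip(":")
        match = next((v for v in VERTICES if v.lower() == heading.lower()), None)
        if match:
            current = match
        elif line.startswith(("-", "*")) and current:
            findings[current].append(line[1:].strip())
        elif line.startswith("#"):
            current = None  # another section (timeline, context, ...)
    return findings

def review(text, source_count):
    """Return problems an analyst should resolve before using the output."""
    findings, problems = parse_response(text), []
    for vertex in VERTICES:
        if not findings[vertex]:
            problems.append(f"{vertex}: no findings")
        for item in findings[vertex]:
            cited = [int(n) for n in CITATION.findall(item)]
            if not cited:
                problems.append(f"{vertex}: uncited claim: {item}")
            elif any(n < 1 or n > source_count for n in cited):
                problems.append(f"{vertex}: citation outside source list: {item}")
    return problems

# Constructed sample response; not output from Ask AI.
SAMPLE = """\
## Adversary
- State-sponsored group, attribution per vendor report [1]
## Infrastructure
- Command-and-control hosted on compromised web servers [2][4]
- Domains registered shortly before the campaign
## Capabilities
- Custom loader delivered through spear-phishing [3]
## Attack timeline
- Initial access observed in the first week [1]
"""
if __name__ == "__main__":
    print("\n".join(review(SAMPLE, source_count=3)))
```

With three source articles, the sample is flagged for a citation that points past the source list, an uncited infrastructure claim, and a missing Victimology vertex.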
 

Ask AI Response – On a single article

We ran this prompt on an AI Feed monitoring threat reports related to North Korean state-sponsored actors. The output was a structured diamond model analysis detailing the adversary, infrastructure, capabilities, and victimology in a clear and actionable format. The AI response also incorporated attack timelines, socio-political context, and a visualization guide, making it easier for analysts to assess the full scope of the incident. This prompt can be saved in the prompt library and reused to analyze other cyber threats consistently.

Ask AI Response – On multiple articles

Running the same prompt on an AI Feed, rather than on individual articles, provides a more extensive dataset from which to extract intelligence. This bigger dataset lets you explore diverse perspectives and significantly expands the volume and quality of insights, giving you a broader scope of information.

For this example, we applied the same prompt to an AI Feed focused on the specific attack. We selected 10 articles and reports to run the Ask AI prompt. As you can see in the visual below, in-line citations link your output to the original reports for transparent verification and traceability.

Running Ask AI on multiple vs single articles

Tailor your analysis based on your needs—focus on a single article for in-depth insights from a trusted source or analyze multiple articles to uncover broader patterns, validate details, and track emerging trends across sources.

By running Ask AI on an AI Feed, analysts can move beyond fragmented reports and generate a comprehensive diamond model analysis with greater depth, accuracy, and traceability.
