Skip to main content
Solved

Usage of 3D Scatterplot Visualization & Time-Terrain-Behavior (TTB)

  • September 10, 2025
  • 1 reply
  • 91 views
defcesco
Forum|alt.badge.img+1

Hi SecOps Community, 

 

I am attempting to reproduce this superb blog post:

https://dispatch.thorcollective.com/p/cant-hide-in-3d

 

The blog post is written for Splunk, utilizing the resources here:

Code Repository

 

TTB Framework Evolution

 

BOTS v2 Dataset

 

Technical Implementation

 

 

How can SecOps security engineers utilize datasets like BOTS? 

 

How do we utilize 3D scatterplot visualization in Chronicle? 

 

I dug through John Stoner’s New to Chronicle series, and David French’s posts, and I’d like to see a practical technical demonstration of these potent threat detection techniques, specifically TTB and utilizing community detection datasets like BOTS. 

Best answer by ErikaB

Hi ​@defcesco 

 

These are excellent questions that warrant more in-depth exploration than a forum response can provide. We appreciate you bringing these topics to our attention and will take them into consideration for upcoming content, potentially in a blog post, adoption guide, or a dedicated webinar.

1 reply

ErikaB
Community Manager
Forum|alt.badge.img+10
  • ErikaBCommunity Manager
  • Community Manager
  • Answer
  • September 19, 2025

Hi ​@defcesco 

 

These are excellent questions that warrant more in-depth exploration than a forum response can provide. We appreciate you bringing these topics to our attention and will take them into consideration for upcoming content, potentially in a blog post, adoption guide, or a dedicated webinar.

defcesco
Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.