10. Search Past Investigations

10.1. Global IOC Search

Most analysis and examination techniques are at the incident- or host-level, but the Welcome screen does allow you to search past incidents for IOCs.

From here, you can enter hashes, IPs, paths, and USB device IDs.