New entity types
Our Incident Response team suggested that Siemplify should have more entity types out of the box and that they should match the industry standard 'language'', i.e. STIX - https://oasis-open.github.io/cti-documentation/stix/intro.html . At least Threat Actor, Campaign and Attack Pattern should be considered.
Value added - easier tracking of organization's exposure (are we targeted?) and insight into SOC's ability to handle specific threats.