> For the complete documentation index, see [llms.txt](https://docs.inopli.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.inopli.com/drp/comm-channels-monitoring/enrichment-strategies.md).

# Enrichment Strategies

The <mark style="color:green;">enrichment stage</mark> transforms raw material gathered from messaging platforms, forums, and other communication channels into intelligence that security teams can act on. Instead of passing along unstructured text or files exactly as they appear, the DRP platform adds layers of meaning that clarify who is involved, what is being discussed, and why it could matter to the organisation’s security posture.

### Why Enrichment Matters

Messages and posts rarely arrive in a neat format. They may be written in different languages, include shorthand or emojis, reference people or systems only insiders recognise, or hide sensitive information inside attachments. Without additional context, an analyst must spend time deciphering each fragment before deciding whether it poses a real threat. Enrichment automates that effort: it cleans and normalises content, detects its language, and attaches relevant metadata so that analysts can focus on judgement rather than translation or formatting tasks.

### Layers of Context Applied

First, <mark style="color:green;">linguistic processing</mark> determines the language of every message and converts unusual encodings into a standard form, ensuring nothing is lost to garbled characters. Next, the system identifies <mark style="color:green;">names of people, companies, products, locations, and monetary values</mark> to reveal who or what is being discussed. References are then matched against the organisation’s monitored assets, brands, executives, domains, or technologies so that even indirect mentions surface as potential concerns.

Attachments receive similar attention. Documents are read for embedded text, images are scanned for on-screen words, and archives are unpacked so that hidden material cannot slip past unnoticed. Throughout this process, duplicate items are removed and timestamps are aligned, allowing conversations to be viewed in sequence rather than as isolated snapshots. Finally, each finding is assigned an initial relevance score that reflects its probable impact, helping security teams decide what to investigate first.

### Outcome for Analysts

When enrichment is complete, every finding includes enough context for immediate triage: the original evidence, a concise explanation of its significance, and indicators such as language, entities mentioned, and preliminary severity.&#x20;


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.inopli.com/drp/comm-channels-monitoring/enrichment-strategies.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.