> For the complete documentation index, see [llms.txt](https://docs.inopli.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.inopli.com/drp/comm-channels-monitoring/risk-signals-detected.md).

# Risk Signals Detected

<mark style="color:green;">Risk signals</mark> are the core output of the DRP monitoring process. These signals are the tangible results of observing informal, high-velocity digital spaces where early indicators of security threats frequently emerge. They represent findings that may require attention, investigation, or immediate action depending on their severity and context.

### Understanding Risk Signals

A <mark style="color:green;">risk signal</mark> can take many forms: leaked credentials being shared or sold, confidential documents exposed in chat groups, mentions of executive names or internal systems in dark web discussions, or even planned attacks circulating among threat actors. What defines a signal is not just *what* is said, but *where* and *how* it appears. A file shared in a closed forum known for cybercrime has a very different meaning than a message posted in a public channel.

The system identifies and interprets these signals by analyzing patterns of communication, the relevance of the content to monitored entities, and the nature of the platform where it was found. It distinguishes casual commentary from coordinated threats or sensitive data exposures ensuring that only the most actionable intelligence reaches the security team.

### From Raw Content to Actionable Insight

<mark style="color:green;">Risk signals</mark> are not simply extracted data points, they are enriched findings. Each one is contextualized to explain the type of threat involved (e.g., data leakage, impersonation, credential exposure), its possible impact, and the environment in which it was detected. This gives incident response teams a clear, prioritized view of what matters most, allowing them to act quickly when necessary by consolidating signals from disparate sources and translating them into structured, <mark style="color:green;">security-relevant insights</mark>.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.inopli.com/drp/comm-channels-monitoring/risk-signals-detected.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.