Everything you need to know about Flash Alerts
FAST - Flash Alerts for Security Threats.
...
Figure 1, “Fast Features”
FAST Features
Type of Alert
The Type of Alert can be a normal flash alert, heads up, informational, proactive, wormable event, or a drop-everything-right-now event, which we call a ‘nuclear’ level event. The header may be color-coded to convey this and carry a hyphen followed by the type of information, such as Flash Alert - informational.
Headline
The Headline is the overall important message about the alert.
Description
This is the description of the event. Where possible, we will roll this information up to a CVE.
CTCI Commentary
Where possible, we will highlight what is important, whether there is any action on objectives (if known), and whether there is a specific sector/technology/geography (if known). We will also, where possible, add some commentary on why we think this is important or other things to look out for.
Mitigations / Detection / Prevention
Where possible, we will state what you need to do to detect this CVE, what you need to mitigate, and what you could do for prevention. These will be things like URLs, files, hashes, and such. It is up to you to convert these into things like WAF rules, log management alert rules, and such. In the future, we may have Sigma rules for a number of these alerts.
Outcomes
With FAST and CEWL you can get better outcomes by using a combination of security engineering, detection creation, threat hunting, and mitigations from this CVE information. Note that we are not the primary source of all articles on the CVEs; most of these reference links are in the MITRE org, CVE details.