
Source Validation Workflow

How to validate claims, score confidence, and avoid acting on weak evidence.

In high-impact investigations, response speed matters, but evidence quality matters more. Use this workflow to keep outputs trustworthy under time pressure.

Validation Sequence

  1. Extract top claims from the response.
  2. Map each claim to one or more supporting sources.
  3. Score confidence based on source quality and recency.
  4. Mark unresolved assumptions before escalation.

Evidence Ladder

Highest Confidence

  • Vendor advisories and official patch guidance.
  • Direct telemetry from your own environment.
  • Primary incident reports with technical artifacts.

Medium Confidence

  • Reputable research blogs with reproducible indicators.
  • Security news summarizing named primary sources.

Low Confidence

  • Aggregator summaries without primary references.
  • Claims with no dates, versions, or affected scope.

Claim Audit Prompt


Audit the previous response. For each key claim, provide:

  • source link,
  • source type (vendor advisory, telemetry, research, etc.),
  • confidence (high/medium/low),
  • what evidence is still missing.

Escalation Gate

  • High-impact actions require high-confidence evidence.
  • Medium-confidence claims must include explicit caveats.
  • Low-confidence claims should not drive immediate remediation.
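
One way to turn the evidence ladder and the escalation gate into a repeatable check, as an added example that is not part of the original workflow. The source-type keys, the 90-day recency threshold, the one-tier downgrade for stale sources, and the best-source rule are assumptions; the page does not define them.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

# Evidence ladder from the page: source type -> confidence tier.
LADDER = {
    "vendor_advisory": "high", "own_telemetry": "high", "primary_incident_report": "high",
    "research_blog": "medium", "security_news": "medium",
    "aggregator": "low",
}
TIERS = ["low", "medium", "high"]
MAX_AGE_DAYS = 90  # assumption: the page names recency but gives no threshold

@dataclass
class Source:
    kind: str
    published: Optional[date]  # None means the source carries no date

@dataclass
class Claim:
    text: str
    sources: List[Source]

def source_tier(src: Source, today: date) -> str:
    """Tier for one source: ladder lookup, then recency adjustment."""
    if src.published is None:
        return "low"  # undated claims sit on the lowest rung of the ladder
    rank = TIERS.index(LADDER.get(src.kind, "low"))
    if (today - src.published).days > MAX_AGE_DAYS:
        rank = max(rank - 1, 0)  # assumption: stale sources drop one tier
    return TIERS[rank]

def claim_confidence(claim: Claim, today: date) -> str:
    """Assumption: a claim is as strong as its best source; unsourced is low."""
    tiers = [source_tier(s, today) for s in claim.sources]
    return max(tiers, key=TIERS.index, default="low")

def escalation_gate(claim: Claim, high_impact: bool, today: date) -> str:
    """Apply the gate: returns 'proceed', 'proceed_with_caveat' or 'hold'."""
    conf = claim_confidence(claim, today)
    if conf == "low" or (high_impact and conf != "high"):
        return "hold"
    return "proceed" if conf == "high" else "proceed_with_caveat"

# Constructed sample claims, not real findings.
TODAY = date(2024, 6, 1)
SAMPLE = [
    Claim("Patch available for product X", [Source("vendor_advisory", date(2024, 5, 20))]),
    Claim("Exploitation seen in the wild", [Source("security_news", date(2024, 5, 28))]),
    Claim("All versions affected", [Source("aggregator", None)]),
]
```
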

Do not merge assumptions into facts

Always keep inferred statements separate from directly observed evidence in shared write-ups.