The Threat Hunting Engine subscribes to 60+ threat feed sources and accesses SISA’s Forensic investigations to identify the latest threat vectors.
Using the NLM feature, the Autogrokking engine autodetects, analyses, normalizes, and structures the raw log data. The log enrichment module translates log data into a human-readable format and adds metadata for effective and accurate analysis.
Forensics-based intelligence is used in threat hunting as our analysts are trained in forensic investigation techniques and frameworks.
Detect and guard against malicious external threats and internal vectors, which can be done in near real-time.
Make your log management compliant with legal and business regulations.
Take advantage of advanced log parsing, log enrichment and categorization to proactively index threat-related events.
Experience unparalleled context in alerting and ticketing via correlation-based threat monitoring.
Get alerts from a wide range of sources: DNS Anomaly engine, Netflow threat engine and Web logs anomaly engine.
Instantly reconstruct timelines of the breached systems with a log-based reverse engineering process.