Identification and Enrichment
Automatic threat intelligence lookups, workflows and menu-driven actions deliver valuable context, reduce time to identify scope and impact, enabling a rapid, decisive response. Trigger sandbox evaluation and build rules to act on the results. Search logs and endpoints and make decisions based on the data. Include CMDB and directory information to help analysts make accurate assessment of severity and impact. Pivot on these critical data elements to dynamically adjust the way your team responds.
Learn about Threat Intel Services
Learn about Functions and Custom Actions