Threat Hunting

AWS CloudTrail - Threat hunting in AWS CloudTrail Logs

As more companies move out of physical data centers and into cloud-based services, analysts need new ways to examine those services for risks and threats. LogicHub has developed a playbook to hunt for risks in one such source, AWS CloudTrail logs. The playbook runs seven investigations in parallel to identify risks within the CloudTrail logs.

Automating threat hunting across AWS CloudTrail logs with LogicHub is powerful, easy, and surfaces attackers and threats that are otherwise easily missed in the mountains of data. SOC teams improve their productivity and response times while minimizing false positives and false negatives.

Code Repositories (GitHub)

LogicHub for GitHub is an automated threat detection solution that continually monitors your source code repositories for suspicious behavior and vulnerabilities to help you protect your intellectual property.

Installed without deploying agents and set up in a few clicks, LogicHub immediately begins analyzing millions of GitHub log events to identify malicious or unauthorized behavior. Its threat ranking engine automatically prioritizes potential threats and provides a high-quality feed of security alerts.

LogicHub is designed for teams of all sizes, is very cost effective, and can scale to very large deployments without much effort.

Salesforce

LogicHub for Salesforce provides out-of-the-box threat detection. It continuously monitors your feed of Salesforce audit events to detect unusual behavior or patterns, and provides you with a high-quality feed of alerts.

With LogicHub's threat ranking engine, the alert feed you receive is kept free of noise and false positives, while suspicious activity is never dropped without a notification.

IOC Search & Event Enrichment

One use case that many LogicHub customers have implemented and benefited from is automating the search, within their own environment, for Indicators of Compromise (IOCs) distributed by third-party sources.

Automating the search for and enrichment of threat intelligence helps the SOC find potentially compromised machines and gaps in the environment's defenses. This use case makes no changes to the environment, so it cannot cause outages or block legitimate business processes; instead it provides the insight needed to plan those changes.
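The CloudTrail threat-hunting playbook above and the IOC search use case share one shape: read events, run several independent investigations over them concurrently, match the events against an intelligence feed, enrich the hits, and rank what comes back. The Python below is an added example written for this page, not LogicHub's playbook or code. The page does not list the seven CloudTrail investigations, so the hunts here (root activity, console login without MFA, trail tampering, IAM privilege changes, AccessDenied bursts) are assumed illustrations; the CloudTrail records, the IOC feed and the severity weights are constructed for the example.

```python
# Added example for this page, not LogicHub's playbook: hunts, weights, records and IOC feed are assumed.
from collections import Counter
from concurrent.futures import ThreadPoolExecutor

# Constructed CloudTrail records, abridged to the fields the hunts read; not real data.
_ROOT = {"type": "Root", "arn": "arn:aws:iam::123456789012:root"}
_ALICE = {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice", "userName": "alice"}
_CAROL = {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/carol", "userName": "carol"}
_DAVE = {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/dave", "userName": "dave"}
SAMPLE_RECORDS = [
    {"eventTime": "2021-03-01T10:00:00Z", "eventName": "ConsoleLogin", "userIdentity": _ROOT,
     "sourceIPAddress": "198.51.100.7", "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2021-03-01T10:02:00Z", "eventName": "StopLogging", "userIdentity": _ROOT,
     "sourceIPAddress": "198.51.100.7", "requestParameters": {"name": "main-trail"}},
    {"eventTime": "2021-03-01T10:03:00Z", "eventName": "CreateAccessKey", "userIdentity": _ALICE,
     "sourceIPAddress": "203.0.113.55", "requestParameters": {"userName": "bob"}},
    {"eventTime": "2021-03-01T10:04:00Z", "eventName": "DescribeInstances", "userIdentity": _CAROL,
     "sourceIPAddress": "192.0.2.10"},  # benign: should produce no finding
] + [
    {"eventTime": f"2021-03-01T10:05:{i:02d}Z", "eventName": "GetObject", "userIdentity": _DAVE,
     "sourceIPAddress": "203.0.113.55", "errorCode": "AccessDenied"}
    for i in range(6)
]
# Constructed IOC feed keyed by indicator value, as a third-party source might distribute it.
IOC_FEED = {"203.0.113.55": {"type": "ipv4", "source": "feed-a", "tag": "credential-stuffing"}}

TRAIL_TAMPER = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}
IAM_PRIV = {"CreateAccessKey", "CreateUser", "CreateLoginProfile", "AttachUserPolicy", "PutUserPolicy"}

def actor(ev):
    return ev.get("userIdentity", {}).get("arn", "unknown")

def finding(ev, rule, severity, detail):
    return {"rule": rule, "severity": severity, "actor": actor(ev),
            "ip": ev.get("sourceIPAddress"), "time": ev["eventTime"], "detail": detail}

def hunt_root_activity(events):
    # Root should sit unused behind MFA, so any root call is worth a look.
    return [finding(ev, "root-activity", 8, ev["eventName"])
            for ev in events if ev.get("userIdentity", {}).get("type") == "Root"]

def hunt_console_login_without_mfa(events):
    return [finding(ev, "console-login-no-mfa", 7, "successful login, MFAUsed=No")
            for ev in events if ev["eventName"] == "ConsoleLogin"
            and ev.get("responseElements", {}).get("ConsoleLogin") == "Success"
            and ev.get("additionalEventData", {}).get("MFAUsed") != "Yes"]

def hunt_trail_tampering(events):
    # Stopping or altering the trail is a classic defence-evasion step.
    return [finding(ev, "cloudtrail-tampering", 9, ev["eventName"])
            for ev in events if ev["eventName"] in TRAIL_TAMPER]

def hunt_iam_privilege_changes(events):
    return [finding(ev, "iam-privilege-change", 6,
                    f"{ev['eventName']} on {ev.get('requestParameters', {}).get('userName')}")
            for ev in events if ev["eventName"] in IAM_PRIV]

def hunt_access_denied_bursts(events, threshold=5):
    # Repeated AccessDenied from one principal/IP pair looks like permission probing.
    denied = [ev for ev in events if ev.get("errorCode") == "AccessDenied"]
    counts = Counter((actor(ev), ev.get("sourceIPAddress")) for ev in denied)
    out = []
    for (arn, ip), n in counts.items():
        if n >= threshold:
            first = next(ev for ev in denied if actor(ev) == arn and ev.get("sourceIPAddress") == ip)
            out.append(finding(first, "access-denied-burst", 5, f"{n} AccessDenied errors"))
    return out

def hunt_ioc_matches(events, iocs=IOC_FEED):
    # IOC search: match sourceIPAddress against the feed, enrich with the feed's context,
    # one finding per (indicator, actor) pair so a chatty actor does not flood the queue.
    seen, out = set(), []
    for ev in events:
        ip, who = ev.get("sourceIPAddress"), actor(ev)
        if ip in iocs and (ip, who) not in seen:
            seen.add((ip, who))
            hit = iocs[ip]
            out.append(finding(ev, "ioc-match", 8, f"{ev['eventName']} from {hit['source']}:{hit['tag']}"))
    return out

HUNTS = [hunt_root_activity, hunt_console_login_without_mfa, hunt_trail_tampering,
         hunt_iam_privilege_changes, hunt_access_denied_bursts, hunt_ioc_matches]

def run_hunts(events, hunts=HUNTS):
    """Run every hunt concurrently over the same events; findings come back highest severity first."""
    with ThreadPoolExecutor(max_workers=len(hunts)) as pool:
        groups = list(pool.map(lambda h: h(events), hunts))
    return sorted((f for g in groups for f in g), key=lambda f: -f["severity"])

def rank_actors(findings):
    """Crude threat ranking: sum severities per principal, most suspicious first."""
    totals = Counter()
    for f in findings:
        totals[f["actor"]] += f["severity"]
    return totals.most_common()

if __name__ == "__main__":
    found = run_hunts(SAMPLE_RECORDS)
    for f in found:
        print(f"[{f['severity']}] {f['rule']:22} {f['actor']:44} {f['detail']}")
    print("ranking:", rank_actors(found))
```

On the constructed data this yields eight findings, with the StopLogging call ranked first and the root principal at the top of the actor ranking; the benign DescribeInstances call from carol produces nothing. Because the hunts only read events, the whole run is safe to schedule against production logs: it changes nothing in the account and only tells you where to look.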
