The LogicHub platform is the only one to marry automation with advanced correlation and machine learning. Its unique “whitebox” approach provides a Feedback Loop for analysts to easily tune and improve the system.
A rich architecture that features:
- Visual automation flow builder
- Powerful execution engine
- Rich query language
- Out-of-the-box ML operators
The platform leverages machine learning, advanced data science, and deep correlation to threat-rank each IOC, alert, or event. A full, readable explanation of the scoring logic is provided along with the score, so analysts can rapidly review and validate results.
As a result, 95% of false positives can be safely filtered out. Furthermore, new and previously unknown threats are automatically detected in real time, exponentially reducing Mean-Time-to-Detect (MTTD).
The LogicHub platform also provides an intuitive Feedback Loop for human analysts to “mentor” the system, teaching it and improving it with each iteration. Most pure AI solutions require tremendous amounts of specially curated training data, and their algorithms cannot be tuned. In contrast, LogicHub requires no labeled data, and can be easily programmed and refined.
LogicHub integrates with leading security and infrastructure solutions to provide a holistic ecosystem for threat detection automation. With its modern RESTful Integration Framework, new integrations can be easily added with almost any IT system.
Data Ingestion Framework
Built to handle the intake of large volumes of information from SIEMs, log aggregators, threat intelligence feeds, cloud platform logs, and other security solutions. Out-of-the-box support is provided for all leading systems, and the framework provides open APIs to easily ingest data from almost any source.