Take a self-guided tour and explore the SOAR+ platform. Learn why SOC teams are choosing SOAR+ as their security automation platform.
Intuitive and Useful Dashboard
The LogicHub Dashboard is designed with the analyst in mind. It looks good and it is useful.
It shows important metrics such as:
- Case status and MTTR
- Connection Status
- System Status
You can also drill down to the next level of detail for more information.
Extremely Flexible Data Ingestion Framework
Built on Apache Spark, the LogicHub Data Ingestion Framework is designed to handle the intake of large volumes of information from SIEM platforms, log aggregators, threat intelligence feeds, cloud platform logs, and other security solutions. Out-of-the-box support is provided for all leading systems (Splunk, ArcSight, SumoLogic, etc.), and the framework provides open APIs to easily ingest data from almost any source without requiring agents.
Leverage Multiple Data Sources and ML Powered Analytics
LogicHub uses machine learning, advanced data science, and deep correlation to threat-rank each IOC, alert, or event from your SIEM or other data source. It processes the data, combining analyst expertise with information from web security services, to produce a score for each event. Important events that meet a severity threshold are handled according to the situation, such as sending enriched alerts back to your SIEM, automating responses, or opening cases for your SOC.
Broad Ecosystem of Third Party Integrations
LogicHub integrates with leading security and infrastructure solutions to provide a holistic ecosystem for threat detection automation. With its modern RESTful Integration Framework, new integrations can easily be added with almost any IT system.
New supported integrations are built in two weeks or less. Customer scripts can be converted into custom integrations in minutes or hours as opposed to days or weeks.
Create New Playbooks with Ease
LogicHub’s visual playbook and automation flow editor makes it easy for analysts to design and automate investigation, response, and threat hunting and detection playbooks with little to no coding. Analysts can automate investigation steps for any SOC playbook that would otherwise have to be performed manually.
Powerful Case Management
LogicHub’s case management lets analysts create and update cases for incident management, initiate remediation tasks, and collaborate with one another. The LogicHub automation framework itself can create cases and tasks automatically for critical incidents.
Easily Review and Tune Playbook Output
LogicHub provides full traceability across each execution of a playbook by recording every step of the flow automatically. It provides a full graphical view with readable explanations of each logical step along with the final output and scores, so analysts can rapidly review and validate results.