Threat Intel Quick Analysis
The Sumo Logic Threat Intel Quick Analysis App lets you correlate your logs against the CrowdStrike Threat Intelligence database and identify possible threats.
Sumo Logic Threat Intel Quick Analysis App
This App correlates CrowdStrike's threat intelligence data with your own log data, allowing for real-time security analytics to help you detect any threats in your environment, while protecting against sophisticated and persistent cyber-attacks. The Threat Intel Quick Analysis App scans your selected logs for threats based on IP, file name, URL, domain, Hash 256, and email.
Log Types
The Sumo Logic App for Threat Intel Quick Analysis can be used for any type of logs, regardless of format. Ideal log sources should include IP, file name, URL, domain, Hash 256, and/or email information.