Sumo Logic Threat Intel Quick Analysis App
This App correlates CrowdStrike's threat intelligence data with your own log data, allowing for real-time security analytics to help you detect any threats in your environment, while protecting against sophisticated and persistent cyber-attacks. The Threat Intel Quick Analysis App scans your selected logs for threats based on IP, file name, URL, domain, Hash 256, and email.
The Sumo Logic App for Threat Intel Quick Analysis can be used for any type of logs, regardless of format. Ideal log sources should include IP, file name, URL, domain, Hash 256, and/or email information.