The ANALYSIS COCKPIT gives you the power to analyze logs from thousands of systems.
There will be false positives and legitimate occurrences of suspicious elements or dual-use tools. This is in the nature of scanning for APTs and traces of adverse activities and system manipulations.
In heterogeneous IT environments, you could be required to create highly specific filters for 20,000 entries by hand.
You don’t want to do this manually.
How do we do it?
We let you export anomalies that you don't want to see in the future from Kibana to the filter generator.
The ANALYSIS COCKPIT ships with approximately 80 pre-defined automatic filters. These filters generate sub-filters that are specific to your environment.
(We have done most of the work for you.)