Ingest and Analyze Anti-Virus Data
Anti-Virus (AV) scanning is an essential part of an organization's security monitoring and provides valuable data for security teams to handle potential compromise and improve their security posture. By integrating, analyzing, and running detections over AV logs from third-party tools, Alert Logic places threats identified in your AV data into a more comprehensive threat management view.
Alert Logic ingests AV logs and analyzes them to provide key insights for alerting and Security Operations Center (SOC) support, such as:
- Detection of known hack tools such as pwdump, wincred, and mimikatz, whose presence is highly correlated with malicious post-compromise activity
- Detection of writes to privileged locations on the local system, which indicate a user or malware with administrative privileges – often a later-stage action in the attack cycle
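The two rules above, worked through as an added example (not Alert Logic's code): a small triage pass over constructed AV log lines that tags events naming a known hack tool and events whose file sits under an administrator-only directory. The log field layout, host names and paths are assumptions made for the example.

```python
import re

# Constructed sample AV log lines (not real vendor output). The field layout
# "ts host=... action=... path=... threat=..." is an assumption for this example.
SAMPLE_AV_LOGS = [
    "2024-05-01T10:00:01Z host=ws-17 action=quarantined path=C:\\Users\\bob\\Downloads\\mimikatz.exe threat=HackTool.Mimikatz",
    "2024-05-01T10:02:13Z host=ws-17 action=detected path=C:\\Windows\\System32\\drivers\\evil.sys threat=Trojan.Generic",
    "2024-05-01T10:05:44Z host=ws-22 action=cleaned path=C:\\Users\\alice\\Documents\\report.docx threat=Adware.Foo",
    "2024-05-01T10:07:09Z host=srv-03 action=detected path=C:\\Program Files\\Common Files\\pwdump7.exe threat=HackTool.PWDump",
    "this line is malformed and should be skipped by the parser",
]

# Tool names the page calls out as highly correlated with post-compromise activity.
HACK_TOOL_TERMS = ("pwdump", "wincred", "mimikatz")
# Directories that only an administrator (or malware running as one) can normally write to.
PRIVILEGED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

LINE_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) action=(?P<action>\S+) "
    r"path=(?P<path>.+?) threat=(?P<threat>\S+)$"
)

def parse_line(line):
    """Return a dict of fields for one AV log line, or None if it does not match."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None

def classify(event):
    """Tag an event: 'hack_tool' if a known tool name appears in the path or threat
    label, 'privileged_location' if the file sits under an administrator-only path."""
    tags = []
    path, threat = event["path"].lower(), event["threat"].lower()
    if any(term in path or term in threat for term in HACK_TOOL_TERMS):
        tags.append("hack_tool")
    if path.startswith(PRIVILEGED_PREFIXES):
        tags.append("privileged_location")
    return tags

def triage(lines):
    """Parse each line, drop malformed ones, and attach tags for the SOC analyst."""
    events = []
    for line in lines:
        event = parse_line(line)
        if event is None:
            continue
        event["tags"] = classify(event)
        events.append(event)
    return events
```

An event carrying both tags (a hack tool dropped under Program Files) is the combination the page flags as a later-stage, administrator-level action and deserves the highest triage priority.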
Add an Additional Layer of Defense
In addition to anti-virus analysis and detection, Alert Logic also provides an extended endpoint protection capability. With this capability, we block endpoint attacks through a combination of machine-learning attribute analysis and real-time behavioral analytics.