Threat Intelligence | Logz.io Docs

📄️ Threat Intelligence Feeds

Cloud SIEM cross references incoming logs against lists of known Indicators of Compromise (IOCs) to automatically detect threats. Whenever an IOC is detected, the original log is enriched with the relevant details.

📄️ Adding a Private Feed

You can enrich log threat detection by adding your own private feeds to those provided by Logz.io. To do so, you'll need to maintain files with lists of IOCs and host them online to make them accessible by HTTP/HTTPS to Logz.io.

📄️ Preparing a Feed

You can enrich log threat detection by adding your own private feeds to those provided by Logz.io.