📄️ Threat Intelligence Feeds
Cloud SIEM cross-references incoming logs against lists of known Indicators of Compromise (IOCs) to automatically detect threats. Whenever an IOC is detected, the original log is enriched with the relevant details.
📄️ Adding a Private Feed
You can enrich log threat detection by adding your own private feeds to those provided by Logz.io. To do so, you'll need to maintain files with lists of IOCs and host them online so that Logz.io can access them over HTTP/HTTPS.
📄️ Preparing a Feed
You can enrich log threat detection by adding your own private feeds to those provided by Logz.io.