ManageEngine, Zoho Corporation’s enterprise IT management division, has announced the release of an ML-powered exploit triad analytics feature in its SIEM solution, Log360.
According to an official release, this feature allows enterprises to trace adversaries and mitigate breaches by providing contextual visibility into the exploit triad: users, entities and processes. Reportedly, the feature update was unveiled at the ManageEngine User Conference at The Ritz-Carlton, Dubai International Financial Centre in the United Arab Emirates.
Log360’s threat detection and incident response (TDIR) module, Vigil IQ, is understood to feature a threat detection system released last year. The benefits associated with Log360 are understood to be: a three-way threat hunting core, which unifies user, device and process analytics on a single console so that security professionals can carry out investigations as they move through the Incident Workbench; ML-powered contextual data enrichment, which enables contextual analysis to incorporate insights from UEBA, process tree visualisation, and the risk scoring of IPs, URLs and domains; and a process hunting suite, which comprises the process flow probing capability on the Incident Workbench and the correlation rules for the spawning of suspicious processes.
“By offering insights into user attributes, process lineage and threat intelligence, Log360’s ML-powered exploit triad analytics aims to transcend from assisting detection to enabling better comprehension. This can make it a game-changer in reducing the breach life cycle,” Manikandan Thangaraj, vice-president, ManageEngine, said.