Software

Hall 7 / Booth Number 7-351

ASGARD Analysis Cockpit


Categories

Data center security; Cloud (computing) security; Endpoint security; Intrusion detection / prevention; Penetration tests; Risk analysis and management; Vulnerability and patch management; Security management; SIEM Security information and event management; APT protection; Threat analysis; Compliance / GRC (products and services); Computer emergency response team (CERT); Denial of service protection; Data leakage / loss prevention; Data protection, data security; Consulting IT security; Forensics; Managed security services; Network security; Mobile security

Key Facts

  • Baselining Section: The Baselining Section contains all IOC matches that are not part of the existing baseline, i.e. logs that need to be looked at. Powerful visualisation, filtering and integrated tools like auto grouping help you analyse and categorize your matches and set a new baseline. With “Auto Cases” you can set your baseline with just one click, storing all matches in meaningful groups.
  • Integrated Case Management: The integrated case management provides an easy-to-use interface that lets multiple analysts collaborate on the same set of IOC matches. It is highly configurable and supports customizable workflows for multiple analyst groups. The built-in two-level analyst model can easily be scaled up to support a multi-level follow-the-sun SOC.
  • Rich Reporting Section: The reporting section features multiple built-in reports on IOC matches and case management activity. They provide statistics on all activities and events within the cockpit and help identify lateral movement and hidden threats. Furthermore, they help you improve your organisation by providing KPIs for your implemented workflow. Custom reports can be defined and scheduled.

Product Description

The Analysis Cockpit is the best place to analyse your THOR logs. It gives you full visibility on all your IOC matches, logs and sandbox reports. Furthermore, it allows you to set baselines and points you to security-relevant changes in your environment.

The Analysis Cockpit also features an integrated and highly configurable case management system that lets multiple analysts collaborate on the same investigation while ensuring the intended workflow progresses. Just like the ASGARD Management Center, the Analysis Cockpit features a rich set of APIs that lets you connect to enterprise ticketing systems, sandboxes, CMDBs, SOAR systems, threat intel platforms and literally any security device you may have in place.
