Log360, ManageEngine’s SIEM solution, comes with built-in threat intelligence capabilities to detect malicious domains, IPs, and URLs intruding into a network. Its Advanced Threat Analytics feature flags suspicious sources by correlating internal log data with external threat intelligence feeds. If any internal logs match the indicators in the threat feeds (e.g., an internal system communicating with a blocklisted IP or accessing a malicious domain), Log360 flags these as potential threats.
In addition, Log360 can assess the seriousness of a threat, determine its geolocation, intercept the attack, and more. By combining the information in collected logs with the database of global threat feeds, Log360 helps you take preemptive action against network threats.
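
The log-to-feed correlation described above, sketched as an added example (this is not Log360's implementation or ManageEngine code): destination IPs are checked against feed networks and hostnames against feed domains, including parent-domain matches. The key=value log format, the feed entries, and all function names are constructed assumptions.

```python
import ipaddress
import re

# Constructed feed entries (documentation IP ranges and reserved TLDs, not real indicators).
FEED_NETWORKS = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.7/32")]
FEED_DOMAINS = {"malicious.example", "c2.bad.test"}

# Constructed firewall/proxy log lines in an assumed key=value format.
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z fw action=allow src=10.0.0.5 dst=203.0.113.44 dport=443
2024-05-01T10:00:02Z proxy src=10.0.0.8 host=cdn.malicious.example url=/a.js
2024-05-01T10:00:03Z fw action=allow src=10.0.0.5 dst=192.0.2.10 dport=80
2024-05-01T10:00:04Z proxy src=10.0.0.9 host=notmalicious.example url=/
2024-05-01T10:00:05Z fw action=deny src=10.0.0.7 dst=not-an-ip dport=53
""".splitlines()

KV = re.compile(r"(\w+)=(\S+)")

def domain_matches(host):
    """Return the feed domain equal to host or a parent of it, else None."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])  # compare on label boundaries only
        if candidate in FEED_DOMAINS:
            return candidate
    return None

def ip_matches(value):
    """Return the feed network containing value, else None (also for malformed IPs)."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return None
    return next((str(net) for net in FEED_NETWORKS if addr in net), None)

def correlate(lines):
    """Flag log lines whose destination IP or requested host matches the feed."""
    alerts = []
    for line in lines:
        fields = dict(KV.findall(line))
        hit, kind = (ip_matches(fields["dst"]) if "dst" in fields else None), "ip"
        if hit is None and "host" in fields:
            hit, kind = domain_matches(fields["host"]), "domain"
        if hit:
            alerts.append({"src": fields.get("src"), "type": kind, "indicator": hit})
    return alerts

if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS):
        print(alert["src"], alert["type"], alert["indicator"])
```

Matching on label boundaries keeps `notmalicious.example` from being flagged by a plain substring test, and malformed destination fields are skipped rather than aborting the run.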