
    Overview

    • The Incident Workbench is EventLog Analyzer's investigation console that unifies analytics of core entities such as users, processes, and threat sources.
    • This feature lets users add, compare, and analyze data with enriched integrations such as UEBA and Advanced Threat Analytics.
    • Use the contextual assessment with risk-based profiling, conduct faster root cause analysis by probing the process trees, and minimize the overall time taken to investigate and resolve threats.

    Features:

    Here are the entities you can analyze using Incident Workbench:

    • Users

      Analytics offered: ML-based user activity and risk score data compiled through UEBA integration from Log360's suite.

    • Process

      Analytics offered: Process hunting tree with parent-child relationships and event timeline.

    • Threat sources

      Analytics offered: Risk analysis from security vendors using Advanced Threat Analytics integration.

    Access and usability:

    • Access: The Incident Workbench can be invoked from multiple dashboards of EventLog Analyzer, such as reports, log search, compliance, alerts, and more.
    • Users can add up to 20 tabs in a single instance of the Incident Workbench and save it to an existing incident or create a new incident.
