Threat Hunting

easySIEM associates IOC details with events in real time. While ingesting logs via Logstash, it validates the remote_ip and md5 hash against IOC threat feeds. The associated IOC can be searched in the investigation panel with a query such as ioc:ip OR ioc:hash. We also provide a threat hunt search engine where you can search for and get details about any domain, email, URL, hash or IP. The search engine is powered by VirusShare, ThreatCrowd, AlienVaultOTX, etc.
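The ingest-time matching described above can be sketched as follows; this is an added illustration, not easySIEM's own code or its Logstash pipeline. The feed format, the function names and the choice to store matched types as a list are assumptions; the `remote_ip`, `md5` and `ioc` field names follow the page.

```python
import ipaddress
import re

# Added illustration (not easySIEM code). Constructed feed: documentation-range IPs, made-up hash.
SAMPLE_FEED = """\
# constructed threat feed: one indicator per line
203.0.113.45
2001:DB8::BAD
0123456789ABCDEF0123456789ABCDEF
not-an-indicator
"""

MD5_RE = re.compile(r"[0-9a-f]{32}")

def norm_ip(value):
    """Return a canonical IP string, or None if value is not an IP."""
    try:
        ip = ipaddress.ip_address(str(value).strip())
    except ValueError:
        return None
    # Treat ::ffff:a.b.c.d the same as a.b.c.d so both spellings match.
    mapped = getattr(ip, "ipv4_mapped", None)
    return str(mapped) if mapped is not None else str(ip)

def norm_md5(value):
    """Return a lowercase MD5 hex digest, or None if malformed."""
    v = str(value).strip().lower()
    return v if MD5_RE.fullmatch(v) else None

def load_feed(text):
    """Split feed text into (ip_set, md5_set), skipping comments and junk."""
    ips, hashes = set(), set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        ip, md5 = norm_ip(line), norm_md5(line)
        if ip:
            ips.add(ip)
        elif md5:
            hashes.add(md5)
    return ips, hashes

def enrich(event, ips, hashes):
    """Return a copy of event with an 'ioc' list of matched indicator types."""
    matched = []
    if norm_ip(event.get("remote_ip", "")) in ips:
        matched.append("ip")
    if norm_md5(event.get("md5", "")) in hashes:
        matched.append("hash")
    return {**event, "ioc": matched} if matched else dict(event)
```

Normalizing both the feed entries and the event fields before comparison keeps a match from being missed because of hash letter case, stray whitespace or an alternate IPv6 spelling.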

Threat Hunting - Search Engine

Search Engine for IP, URL, Email, Hash and Domain

Real Time Threat Feed with Events