
Overview

  • The Incident Workbench is EventLog Analyzer's investigation console, which unifies analytics for core entities such as users, processes, and threat sources.
  • It lets users add, compare, and analyze data, enriched through integrations such as UEBA and Advanced Threat Analytics.
  • Use contextual assessment with risk-based profiling, conduct faster root cause analysis by probing process trees, and minimize the overall time taken to investigate and resolve threats.

Features:

Here are the entities you can analyze using Incident Workbench:

  • Users

    Analytics offered: ML-based user activity and risk score data compiled through UEBA integration from Log360's suite.

  • Process

    Analytics offered: Process hunting tree with parent-child relationships and event timeline.

  • Threat sources

    Analytics offered: Risk analysis from security vendors using Advanced Threat Analytics integration.

Access and usability:

  • Access: The Incident Workbench can be invoked from multiple dashboards of EventLog Analyzer, such as reports, log search, compliance, alerts, and more.
  • Users can add up to 20 tabs in a single instance of the Incident Workbench and save it to an existing incident or create a new incident.

Copyright © 2020, ZOHO Corp. All Rights Reserved.
