Incident Workbench
Overview
- The Incident Workbench is Log360 Cloud's investigation console that unifies analytics for core entities such as users, processes, and threat sources.
- This feature lets users add, compare, and analyze data with enriched integrations such as Advanced Threat Analytics and the process hunting tree.
- Use the contextual assessment with risk-based profiling to conduct faster root cause analysis and minimize the overall time taken to investigate and resolve threats.
Features:
Here are the entities you can analyze using Incident Workbench:
- Users
Analytics offered: ML-based user activity and risk score data compiled through UEBA integration from Log360's suite.
- Process
Analytics offered: Process hunting tree with parent-child relationships and event timeline.
- Threat sources
Analytics offered: Risk analysis from security vendors using Advanced Threat Analytics integration.
Access and usability:
- Access: The Incident Workbench can be invoked from multiple dashboards of Log360 Cloud such as reports, log search, compliance, alerts, and more.
- Users can add up to 20 tabs in a single instance of the Incident Workbench and save it to an existing incident or create a new incident.