A Friendly Budget
Warehouse while still sending specific data back to an active index and/or simply send data to a third-party destination using data routing.
Extend Your Asset Inventory
Vulnerability Scanners
Extend your asset inventory by adding Nessus and Microsoft Defender vulnerability scanners to help calculate risk scores and reports.
Illuminate Parser Bundles for Graylog Open Users
Illuminate parser bundles for Graylog Open users. Yes, you heard me right: open users can now benefit from fast searches and a quick ability to understand log content, leveraging the Graylog information model.
Asset Focus with Alert-Based Risk Scoring
Immediately identify which assets to focus on with alert-based risk scoring. See all of the security-relevant information for an asset.
Extended Parsing Capabilities
We’ve extended our parsing to cover:
– Kafka Beats
– Raw HTTP
– Google Workspace
– AW3
– Palo Alto OS 11
Incident Response and Reporting
Quickly get the facts straight from an incident response report. The use of GEN can help interpret and summarize evidence of an investigation such as log messages, alerts, and events.
Visualizing Threat Coverage
Get a visualization of threat coverage by mapping MITRE tactics and techniques. Easy-to-understand time-based visualizations of an incident allow analysts to see gaps, inconsistencies, and a root cause in one view.
Conclusion
Well folks, like I said, we had a lot to cover. That was fun! If you enjoyed that, make sure you smash the like button and hit subscribe for more Graylog 6.1 content. Make sure to follow the playlist. Until next time folks, happy logging!