Disparate cybersecurity data can leave your security team in the dark. Not only that, but monitoring and managing multiple security tools kills productivity and risks alert fatigue—two things your business can’t afford when it comes to cybersecurity.
Developing a comprehensive XDR or EDR strategy requires having a global view of your cybersecurity posture, quality data, and the investigative tools to analyze and respond to threats.
The Vade development team has been hard at work building Threat Intel & Investigation, a new feature that combines SIEM integration with robust threat intel and investigation capabilities in Vade for M365.
What is Threat Intel & Investigation?
In the past, SIEMs were out of reach for many SMBs and even MSPs and MSSPs. With enterprise-grade complexity and price tags, SIEMs were neither practical nor economical.
Things have changed. Over the past few years, a new generation of SIEMs with SMB and MSP-friendly UIs and price tags have entered the market. The shift has opened the door for SMBs, MSPs, and MSSPs to enjoy the same cybersecurity benefits from SIEMs as enterprises, including:
- A global view of cybersecurity
- Better analytics and reporting
- Increased efficiencies
- Faster time to respond and recover
Available for a limited time as a free Beta, Threat Intel & Investigation is an add-on for Vade for M365 that features SIEM integration and access to investigative tools developed by Vade R&D.
Threat Intel & Investigation enhances your EDR and XDR strategy by providing the threat intelligence that SOCs need to gather forensic evidence, cross-check threats across their networks, and develop incident response processes.
The Threat Intel & Investigation beta will be launched in phases, with phase one featuring SIEM integration. Customers who opt-in to the beta version of Threat Intel & Investigation can generate API credentials to quickly export their Vade for M365 email logs to any SIEM, XDR, or EDR.
In the coming months during the free beta, Vade will release new SOC tools to Threat Intel & Investigation, allowing security professionals to dig deeper into the email threats targeting their users and develop response processes with the evidence gathered. Below is a list of what’s coming for Threat Intel & Investigation:
November 3, 2021
- SIEM Export: Export Vade for M365 email logs to any SIEM, XDR, or EDR (no limit on number of API credentials).
November 2021
- File Inspector: Investigate files and attachments to gather evidence, including URLs, objects, decoded data, and JavaScript.
December 2021
- Email/Attachment Download: Download emails and attachments for analysis by Vade’s PDF and Office parsers.
Threat Intel & Investigation is offered as a free beta for a limited time and is available to current Vade for M365 users and free trial and/or NFR users. The release schedule is subject to change.
