Threat Intel & Investigation

Threat Intel & Investigation is an add-on for Vade for M365 that that allows SOCs to export Vade for M365 email logs to any SIEM, conduct a forensic examination of emails and attachments, and integrate Vade for M365 with their XDR (extended detection and response) strategy.

Unify disparate email security data

Threat Intel & Investigation provides the threat intelligence that SOCs need to gather forensic evidence, cross-check threats across their networks, and develop incident response processes.

Investigate and respond

There’s more to email than text and images. Underneath the hood, they feature critical meta data and code that reveal their true intent and potential payload. Threat Intel & Investigation gives you access to Vade’s filtering technology to conduct a forensic analysis of email headers, meta data, objects, URLs, attachments, and more.

Key features

Export Vade for M365 logs

to any SIEM, XDR, or EDR for improved threat intelligence, investigation and response.

Analyze emails and attachments

to collect forensic evidence of malware and phishing.

Download emails and attachments

from the Email Logs for investigation.

Solution Brief

Threat Intel & Investigation

threat Intel & Investigation

Key Benefits

Integrates email into your XDR strategy
Unifies disparate email data
Improves threat intelligence and visibility
Improves SOC perimeter
Integrates email into defensive posture
Decreases time to respond to events

Threat Intel & investigation

Powerful M-SOAR capabilities

It takes only one malicious email to halt operations. Combining Threat Intel & Investigation with Vade for M365 offers Mail Security Orchestration and Automated Response (M-SOAR) capabilities that empower your SOC or IT team with the threat intelligence to respond quickly to phishing, spear phishing, and malware attacks.