How The Free Trial Works
Define Your MITRE ATT&CK Priorities
Quickly customize the MITRE ATT&CK framework to focus on the techniques that matter most to your organization, based on the platforms you protect and the threat groups that target your industry. This determines which detections you need to deploy and which data feeds you need to log to detect those attack techniques successfully.
Pick Your Data Platform, Onboard Feeds & Explore Cost Savings
A key difference in Anvilogic’s platform is that you can “bring your own data lake(s)”. We support Splunk Cloud, Snowflake, and Azure Sentinel/Log Analytics. Pick which platform(s) you want to connect. Based on your MITRE ATT&CK priorities, we will recommend 2-3 data feeds to test during the free trial if you choose to use your own data. Then we’ll show you cost-saving scenarios if you’d like to move any data feeds to a low-cost security data lake like Snowflake.
Deploy AI Recommended Detection Use Cases
Once your platform is configured, you can start deploying hundreds of threat hunting and detection queries that align to your MITRE ATT&CK priorities. These detections are deployed as “warning” signals by default and used as baseline activity for AI-generated insights. These warning signals can also be used for hunting and advanced correlation.
Automatically Tune Detections with AI
After a couple of days, our AI-generated insights will automatically begin to tune those deployed detections based on common false positive strings and patterns.
Escalate High Fidelity Alerts
Once the detections are tuned and reach a low-volume threshold, we will automatically recommend escalating them to alerts that can be triaged. In addition, our hunting insights analytics will analyze each warning signal and escalate any events that are determined to be highly suspicious.
Build Your Own Detections & Hunting Queries with an AI Assistant
With Anvilogic, you can also build your own custom threat hunting or correlation rules unique to your environment using a low-code UI builder to escalate any events you feel are most critical to respond to. Not the best at SPL, KQL, or SQL? We have a generative AI assistant that turns your natural language questions into search logic.
Measure Maturity & Improve Over Time
Keep track of all the progress you make in real time to ensure you are continuously improving, based on the detections you have deployed across your prioritized MITRE ATT&CK techniques. Align your security leadership, security engineers, and analysts with a single view of your maturity improvements.
Adopt a SIEM-less Architecture At Your Own Pace
Fast-track your security team's ability to deploy and tune detections, hunt more efficiently, and bridge the gap between your traditional SIEM and modern security data lake(s), giving you the option to reduce costs and migrate incrementally over time.