Synapsa Look Up
Single pane of glass for data enrichment from any 3rd party API provider, which allows analysts to easily fetch data and use it for event investigation.
Threat Intelligence Enrichment
Synapsa LookUp is able to cooperate with Synapsa Interconnector and Synapsa Data Feeds for automating data enrichment processes to speed things up, save time and avoid errors.
How does it work?
Automated enrichment process
- SIEM / IDS / any device sends a syslog to Synapsa
- Interconnector extracts IP addresses from the syslog and forwards them to Look Up
- Look Up will check if the IP is listed in Virustotal / ToR exit nodes / any Threat Intelligence platform (TIP)
- Add the result to your own External Dynamic List (EDL)
- Send alert to SIEM, or take any customized action
How does it help to SOC analysts
- Analysts get the automation tool to perform queries very fast
- All the enrichment data is collected and correlated automatically
- Faster outcome, no human errors
Comprehensive war room feature
Moreover, Look Up offers war rooms to do analysis of a cyber security incident faster and allows the SOC team to cooperate in a single UI. It is possible to use pre-built playbooks, or to create your own for repetitive tasks, which saves time, ensures immediate results and provides faster Mean Time to Response (MTTR).
