Vade is delighted to announce the availability of Threat Intel & Investigation. An add-on for Vade for M365, Threat Intel & Investigation provides the integrations, intel, and tools for security operation centers (SOCs) and managed service providers (MSPs) to investigate and respond to email-borne threats transiting through networks. The solution enables them to accelerate their incident response, eliminate the need for additional security investments, and free up critical IT resources.
What is Threat Intel & Investigation?
According to a 2021 report, it takes organizations an average of 213 days to identify data breaches caused by phishing attacks and another 80 days to contain them. This gives hackers the time and freedom they need to further compromise networks and launch more ambitious attacks against their victims.
To keep pace with cybercriminals, SOCs and MSPs need better visibility into their cybersecurity landscape and tools that enhance—rather than slow and complicate—their incident response.
The Threat Intel & Investigation add-on for Vade for M365 features five core capabilities designed to empower SOCs and MSPs to automate investigations, orchestrate responses, and move swiftly and with precision to live threats:
- File Inspector: Deconstructs files and attachments directly in the Vade for M365 interface—without exposing administrators to risk. File Inspector reveals critical details about files and attachments, providing admins with the data required to make faster decisions, cross-check threats across networks, and accelerate incident response across affected endpoints and users.
- Log Export: Injects live email and event logs into any security management system, a powerful two-way integration powered by the Vade for M365 API. Connect Vade’s email threat intelligence to your organization's SIEM or SOAR to trigger automation playbooks and enhance your disaster recovery program.
- Reported emails: Automates collection of user-reported emails and clusters similar, unreported emails in one dashboard, speeding user-based incident response and eliminating time-consuming, manual investigations. Receive alerts when users report emails via Outlook and quickly triage and remediate reported emails, similar emails, and forwarded emails with one click.
- Download emails/attachments: Provides access to raw email intelligence for objective evaluation by threat analysts, saving precious time and resources that are typically wasted searching for and analyzing raw email data.
- Add-on for Splunk: Integrates Vade for M365 with Splunk without the need for custom software development. Combine Vade’s threat intelligence with Splunk’s SIEM and SOAR capabilities to have better visibility into the threat landscape and actionable insights with which to orchestrate rapid responses.
Vade partners and customers are already experiencing the benefits of the new add-on. Threat Intel & Investigation is available today in Vade for M365.