Picus Detection Analytics
What is Picus Detection Analytics?
Picus Detection Analytics is an automated module that queries SIEM and EDR security logs to find the difference between what is available and what is expected. Every emulated threat and adversary technique creates a log in the relevant security controls if the emulation is detected or prevented. The module queries SIEM and EDR platforms in customer environments and, using advanced algorithms, matches the query findings against the real threat samples and techniques emulated by the Picus Threat Emulation Module. As a result, undetected, unlogged, and non-alerted attacks are identified on the spot. The Detection Analytics Module adds intelligence to the query findings by providing alert validation, log granularity concerning deployed security control technologies, and MITRE ATT&CK mapping.