Initial Setup
You should have received an email from Anvilogic Admin with a link to your login credentials. Click on the “Set Password” button or alternative link to be taken to the Anvilogic secure portal, where you can set your password. From there you will be logged in automatically. For future access, simply navigate to https://secure.anvilogic.com/ and use these credentials. Note that your username is your registered business email address.
When you first log into the Anvilogic SaaS platform, you will be asked to walk through a wizard that asks you a few simple questions which will customize your MITRE ATT&CK scope and priorities based on your industry, location, and platforms. The video below walks you through the process.
After you walk through this wizard, you will be prompted to add a data source. Please read the next section before proceeding.
When you signed up for the free trial, you had the ability to choose which log data source you were interested in using with Anvilogic. Once you have completed the step above, you will be in the correct place for the subsequent steps, but if you need to return here you can always navigate to it in the interface by going to Settings - Integrations - Available.
If your log data source will be your own Snowflake account, you can walk through the next steps presented in the initial setup wizard (Settings - Integrations - Available - Data Logging Platform - Snowflake). Select Snowflake as your log source, follow the prompts to connect your Snowflake account (requires Snowflake admin permissions), and go through the subsequent prompts to bring your security log data into Snowflake (Settings - Integrations - Available - Snowflake Data Ingestion). The wizard supports a specific set of data sources that we can easily configure to be automatically brought into your Snowflake, including AWS CloudTrail, CrowdStrike FDR and Auth, MS Defender Logs, and Okta logs. The video below walks you through the entire process.
If you have chosen to use Anvilogic-hosted Snowflake as your log data source, you will receive an email from your Anvilogic Sales Engineer when your Snowflake account is ready (if you want to reach out, email freetrial@anvilogic.com). Once complete, go through the process to bring your security log data into Snowflake (Settings - Integrations - Available - Snowflake Data Ingestion). The wizard supports a specific set of data sources that we can easily configure to be automatically brought into your Snowflake, including AWS CloudTrail, CrowdStrike FDR and Auth, MS Defender Logs, and Okta logs.
If your log data source is Splunk Cloud or Microsoft Azure Log Analytics, you should not work through the data onboarding wizard for log data sources, as it will require you to install an app in your Splunk environment, which is not part of a free trial. Instead, once you have completed the initial setup wizard, you should receive an email from your Anvilogic Sales Engineer (if not, or if you need immediate help, reach out to freetrial@anvilogic.com). The SE will schedule a short Zoom session with you to complete the connection to your log data without the need to install an app.
In addition to connecting to a log data repository, you can also pull alerts from a number of common security product vendors directly into Anvilogic. These can be used to show where you have MITRE ATT&CK technique coverage in place as well as for use in creating hunting insights alerts.
The process is simple. Start by going to Settings - Integrations - Available - Detection Tools, selecting a vendor that you use, and going through the simple wizard to provide connectivity. An example can be seen in the following video.
Clicking the 3 bars in the upper left of the interface, or simply hovering over the icons on the left side, will bring up the navigation menu. From here you can go back to the home page or access many of the other areas of the platform. Feel free to explore the items here.