How Right Hand Technology Group Inc. Automated Google Reviews Using Hatz.AI and Make.com

Overview

A Managed Service Provider (MSP) specializing in cybersecurity sought to improve its threat detection and security event analysis using the Hatz AI system. Its primary challenge was efficiently analyzing Windows Security Event Logs to detect potential security threats, Indicators of Attack (IOA), and Indicators of Compromise (IOC) in real time.

Challenge

The MSP aimed to automate log parsing, anomaly detection, and security insights using Hatz AI’s AI-powered automation, allowing them to:

  • Systematically evaluate Windows Security Event Logs
  • Identify unusual patterns in authentication attempts
  • Provide actionable security insights
  • Improve response time for mitigating security threats

Solution

Using Hatz AI's automation capabilities, the MSP designed a workflow to analyze exported Windows Security Logs (CSV format).

Initial AI Prompt

I am responsible for security on business networks. I need to systematically evaluate Windows Security Event Logs to identify potential security threats and unusual activity. My goal is to preemptively address risks and maintain a secure posture. Please analyze the logs for recurring issues, login activity anomalies, and Indicators of Compromise (IOCs). If any events appear highly unusual or suspicious, list the top 5 findings in a separate section called 'Specific Findings of Interest' in bold font.

Event IDs Monitored

| Category | Event ID | Description |
|---|---|---|
| Logon Activity | 4624 | Successful Logon (Username & IP Address) |
| Logon Activity | 4625 | Failed Logon Attempts |
| Logon Activity | 4672 | Special Logon (Privileged Accounts) |
| Logon Activity | 4648 | Logon with Explicit Credentials |
| Process Tracking | 4688 | Process Creation (Command Execution) |
| Network Authentication | 4776 | NTLM Authentication Requests |
| Remote Desktop Access | 4624 (Type 10) | RDP Login from Remote IP |
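
A deterministic pre-filter over the same kind of CSV export can back up the AI summary for two of the Event IDs above: repeated 4625 failures from one source, and 4624 Type 10 (RDP) logons from outside private address space. This is an added example, not the MSP's or Hatz AI's workflow; the column names, the sample rows, and the threshold of 5 failures in 5 minutes are assumptions.

```python
import csv, io, ipaddress
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample export; column names are assumptions, not a fixed Windows format.
SAMPLE_CSV = """TimeCreated,EventID,LogonType,TargetUserName,IpAddress
2024-04-17T09:00:01,4625,3,admin,203.0.113.7
2024-04-17T09:00:05,4625,3,admin,203.0.113.7
2024-04-17T09:00:09,4625,3,administrator,203.0.113.7
2024-04-17T09:00:14,4625,3,svc_backup,203.0.113.7
2024-04-17T09:00:20,4625,3,admin,203.0.113.7
2024-04-17T09:01:02,4624,10,admin,203.0.113.7
2024-04-17T09:05:00,4672,,SYSTEM,-
2024-04-17T10:12:30,4624,10,jsmith,10.0.0.15
"""
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def load_events(text):
    rows = [dict(r, TimeCreated=datetime.fromisoformat(r["TimeCreated"]))
            for r in csv.DictReader(io.StringIO(text))]
    return sorted(rows, key=lambda r: r["TimeCreated"])

def is_external(ip):
    try:
        return not any(ipaddress.ip_address(ip) in net for net in RFC1918)
    except ValueError:  # "-" or empty: local logon with no source address
        return False

def failed_logon_bursts(rows, threshold=5, window=timedelta(minutes=5)):
    """Map source IP -> largest number of 4625 events inside one sliding window."""
    by_ip, bursts = defaultdict(list), {}
    for r in rows:
        if r["EventID"] == "4625":
            by_ip[r["IpAddress"]].append(r["TimeCreated"])
    for ip, times in by_ip.items():
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                bursts[ip] = max(bursts.get(ip, 0), end - start + 1)
    return bursts

def findings(rows):
    bursts = failed_logon_bursts(rows)
    out = [("failed-logon burst", ip, str(n)) for ip, n in bursts.items()]
    for r in rows:
        if (r["EventID"], r["LogonType"]) == ("4624", "10") and is_external(r["IpAddress"]):
            kind = "RDP logon from burst source" if r["IpAddress"] in bursts else "external RDP logon"
            out.append((kind, r["IpAddress"], r["TargetUserName"]))
    return out
```

Calling `findings(load_events(SAMPLE_CSV))` returns the burst and the RDP logon from the same source; the internal RDP logon by `jsmith` is not flagged.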

Example of AI-Generated Output

Executive Summary

  • Date Range: April 17, 2024
  • Host Name: CHARLE418
  • Events Evaluated: 2 events

Based on the limited log data provided, two security events were analyzed: a Special Logon (4672) and a Successful Logon (4624) by the SYSTEM account. No suspicious activity was detected. However, due to the small dataset, a full security assessment was not possible.

Event ID Statistics

| Event ID | Description | Count |
|---|---|---|
| 4672 | Special Logon | 1 |
| 4624 | Successful Logon | 1 |

Indicators of Attack/Compromise

  • No brute-force login attempts detected
  • No suspicious remote login activity observed
  • No unauthorized credential use (4648) or process execution (4688) detected

Results & Benefits

By leveraging Hatz AI for security automation, the MSP:

  1. Reduced log analysis time from hours to minutes
  2. Automated security insights, eliminating manual log reviews
  3. Improved threat detection by prioritizing high-risk events
  4. Standardized log analysis across multiple clients

Conclusion

Hatz AI enabled the MSP to transform its security log analysis into an efficient, automated process, significantly improving threat detection and response times. This use case highlights how AI-driven automation can enhance cybersecurity operations for MSPs handling sensitive data and complex security environments.