YARA is a popular, open source language used for writing principles to detect malware along with the Chronicle group made a new variant of it to use to safety logs and other telemetry like EDR information and traffic.
This will make things simpler for safety analysts that will need to accumulate logs after a safety incident.
Cortex XSOAR offers answer enrichment and case management to dangers.