Several vendors have joined forces with LogRhythm on a threat intelligence collective designed to provide customers with visibility and insight in order to help them detect sophisticated cyber threats.
Symantec, Norse, CrowdStrike, Webroot and ThreatStream are the first companies to join LogRhythm’s Threat Intelligence Ecosystem, which includes low reputation IP addresses and URLs, malicious email addresses, processes, filenames, user agent strings and other data.
Each of the companies within the ecosystem contributes unique capabilities, LogRhythm said. Symantec, for example, provides actionable data about malicious activity sources, emerging threats and vulnerabilities through its DeepSight Intelligence solution. Norse provides live attack intelligence, CrowdStrike specializes in identifying advanced threats and targeted attacks, while ThreatStream brings intelligence from millions of threat indicators from around the Web. Webroot contributes its BrightCloud IP reputation service.
“Norse believes it is important for the security community to work together towards achieving a comprehensive approach to threat intelligence, and LogRhythm’s Threat Intelligence Ecosystem is an important step in that direction,” commented Sam Glines, the chief executive officer of Norse. “While current solutions excel at collecting and analyzing an organization’s internal data, live external threat intelligence like that provided by Norse has proven to provide critical contextual data necessary for the rapid detection of advanced threats enterprises are encountering today.”
LogRhythm also announced a new addition to the company’s Security Intelligence Platform, namely the Threat Intelligence Security Analytics Suite, which captures the threat data provided by each of the ecosystem partners.
Mutual customers can benefit from the company’s ability to collect and process machine data such as log, event and flow data. Organizations can also take advantage of its endpoint, server and network forensic sensor data to identify activities associated with threat intelligence, and prioritize incidents, LogRhythm said.
“We are excited to launch our ecosystem with several of the industry’s leading providers of threat intelligence,” said Chris Petersen, CTO and co-founder of LogRhythm. “Our ecosystem approach ensures that customers can take advantage of broad spectrum intelligence, covering the full gamut of threat intelligence methods. When leveraged via LogRhythm’s industry leading security analytics platform, our out-the-box analytics suites ensure customers can quickly and easily leverage ecosystem intelligence towards the most precise detection of high impact threats possible today.”
Earlier this month, the company announced a Honeypot Security Analytics Suite, which helps its customers analyze opportunistic hacker attacks by deploying honeypots.
In July, LogRhythm raised $40 million in a new round of equity financing led by Riverwood Capital.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
