
LogRhythm Launches Threat Intelligence Ecosystem

Several vendors have joined forces with LogRhythm on a threat intelligence collective designed to provide customers with visibility and insight in order to help them detect sophisticated cyber threats.

Symantec, Norse, CrowdStrike, Webroot and ThreatStream are the first companies to join LogRhythm’s Threat Intelligence Ecosystem, which includes low reputation IP addresses and URLs, malicious email addresses, processes, filenames, user agent strings and other data.

Each of the companies within the ecosystem contributes unique capabilities, LogRhythm said. Symantec, for example, provides actionable data about malicious activity sources, emerging threats and vulnerabilities through its DeepSight Intelligence solution. Norse provides live attack intelligence, CrowdStrike specializes in identifying advanced threats and targeted attacks, while ThreatStream brings intelligence from millions of threat indicators from around the Web. Webroot contributes its BrightCloud IP reputation service.

“Norse believes it is important for the security community to work together towards achieving a comprehensive approach to threat intelligence, and LogRhythm’s Threat Intelligence Ecosystem is an important step in that direction,” commented Sam Glines, the chief executive officer of Norse. “While current solutions excel at collecting and analyzing an organization’s internal data, live external threat intelligence like that provided by Norse has proven to provide critical contextual data necessary for the rapid detection of advanced threats enterprises are encountering today.”

LogRhythm also announced a new addition to the company’s Security Intelligence Platform, namely the Threat Intelligence Security Analytics Suite, which captures the threat data provided by each of the ecosystem partners.

Mutual customers can benefit from the company’s ability to collect and process machine data such as log, event and flow data. Organizations can also take advantage of its endpoint, server and network forensic sensor data to identify activities associated with threat intelligence, and prioritize incidents, LogRhythm said.

“We are excited to launch our ecosystem with several of the industry’s leading providers of threat intelligence,” said Chris Petersen, CTO and co-founder of LogRhythm. “Our ecosystem approach ensures that customers can take advantage of broad spectrum intelligence, covering the full gamut of threat intelligence methods. When leveraged via LogRhythm’s industry leading security analytics platform, our out-the-box analytics suites ensure customers can quickly and easily leverage ecosystem intelligence towards the most precise detection of high impact threats possible today.”

Earlier this month, the company announced a Honeypot Security Analytics Suite, which helps its customers analyze opportunistic hacker attacks by deploying honeypots.

In July, LogRhythm raised $40 million in a new round of equity financing led by Riverwood Capital.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
