Several vendors have joined forces with LogRhythm on a threat intelligence collective designed to provide customers with visibility and insight in order to help them detect sophisticated cyber threats.
Symantec, Norse, CrowdStrike, Webroot and ThreatStream are the first companies to join LogRhythm’s Threat Intelligence Ecosystem, which includes low reputation IP addresses and URLs, malicious email addresses, processes, filenames, user agent strings and other data.
Each of the companies within the ecosystem contribute with unique capabilities, LogRhythm said. Symantec, for example, provides actionable data about malicious activity sources, emerging threats and vulnerabilities through its DeepSight Intelligence solution. Norse provides live attack intelligence, CrowdStrike specializes in identifying advanced threats and targeted attacks, while ThreatStream brings intelligence from millions of threat indicators from around the Web. Webroot contributes with its BrightCloud IP reputation service.
“Norse believes it is important for the security community to work together towards achieving a comprehensive approach to threat intelligence, and LogRhythm’s Threat Intelligence Ecosystem is an important step in that direction,” commented Sam Glines, the chief executive officer of Norse. “While current solutions excel at collecting and analyzing an organization’s internal data, live external threat intelligence like that provided by Norse has proven to provide critical contextual data necessary for the rapid detection of advanced threats enterprises are encountering today.”
LogRhythm also announced a new addition to the company’s Security Intelligence Platform, namely the Threat Intelligence Security Analytics Suite, which captures the threat data provided by each of the ecosystem partners.
Mutual customers can benefit from the company’s ability to collect and process machine data such as log, event and flow data. Organizations can also take advantage of its endpoint, server and network forensic sensor data to identify activities associated with threat intelligence, and prioritize incidents, LogRhythm said.
“We are excited to launch our ecosystem with several of the industry’s leading providers of threat intelligence,” said Chris Petersen, CYO and co-founder of LogRhythm. “Our ecosystem approach ensures that customers can take advantage of broad spectrum intelligence, covering the full gamut of threat intelligence methods. When leveraged via LogRhythm’s industry leading security analytics platform, our out-the-box analytics suites ensure customers can quickly and easily leverage ecosystem intelligence towards the most precise detection of high impact threats possible today.”
Earlier this month, the company announced a Honeypot Security Analytics Suite, which helps its customers analyze opportunistic hacker attacks by deploying honeypots.
In July, LogRhythm raised $40 million in a new round of equity financing led by Riverwood Capital.