Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

LogRhythm Updates Its SIEM Platform with Pattern Recognition and Remediation

On Wednesday, SIEM vendor LogRhythm announced the latest release of its SIEM-focused security intelligence platform, LogRhythm 6.0. The release is a step forward, and includes pattern recognition and responsive monitoring, which can act on its own if warranted. In addition, baseline changes offer faster indexing and processing of logs, as well as increased storage capacity.

On Wednesday, SIEM vendor LogRhythm announced the latest release of its SIEM-focused security intelligence platform, LogRhythm 6.0. The release is a step forward, and includes pattern recognition and responsive monitoring, which can act on its own if warranted. In addition, baseline changes offer faster indexing and processing of logs, as well as increased storage capacity.

In a briefing with SecurityWeek, Chris Petersen, CTO and co-Founder, and Mike Reagan, VP of Marketing and Business Development, offered an overview some of the new features.

SIEM Solutions from LogRhythmTo start, LogRhythm 6.0 was in development for nearly a year. The planning and development centered on three areas: defense, detection, and response.

Half of the company’s clients deploy LogRhythm as a first SIEM solution. Once in place, many are surprised to see the amount of raw data that lives on their network. Sometimes, the data is there, but enterprises were either unaware of it or couldn’t understand it. First Gen SIEM users, who are moving up to new technologies, are amazed at the additional data and information that wasn’t there previously.

The idea was to expand on the ways information can be delivered to the right people at the right time (tailored to their role and unique needs when it comes to the level of detail), but also offer them the ability to relax if needed and let the system do the heavy lifting.

For example, situational awareness, and target profiling, along with host and user activity monitoring in the latest version, will allow organizations the chance to spot trends. If a user in accounting is known to use the same host and location when connecting remotely, day in and day out, this sets an easily spotted pattern. However, alarms should be noted if that pattern changes suddenly.

If flags are raised, LogRhythm’s SmartRemediation technology can act on its own and resolve the issue, or start a chain of events that create a logical workflow for administrators, including a number of responses to a given situation.

Version 6.0 also includes the introduction of Knowledge Modules. These are pre-packaged, tailored content aligned with specific regulatory mandates, use cases, or functions. They can be applied instantly, or on a case by case basis, and are included in the maintenance contract.

The remediation is the biggest feature to the new release, as it has the ability to slash response times, and allow IT departments to better allocate resources.

According to soon to be released research from the Enterprise Strategy Group, 74-percent of enterprise respondents (who held InfoSec roles at orgaizations with more than 1,000 employees), said that they were considering adopting automated remediation tools. With that in mind, LogRhythm seems to be in the right place at the right time.

The 6.0 release is available now.

Related Reading: Security Intelligence: A Spy Story

Related Reading: Challenges and Strategies for Log Management In The Cloud

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Application Security

A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.

Application Security

A security vulnerability identified on AliExpress, the wholesale marketplace owned by the Chinese e-commerce giant Alibaba, could have been exploited by hackers to hijack...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...