LogRhythm Introduces Solution to Address Advanced Network-Borne Threats

LogRhythm Network Detection and Response’s automation features allow
security teams of all sizes to do more with less

BOULDER, Colo.–(BUSINESS WIRE)–LogRhythm, The Security Intelligence Company, today announced the
release of LogRhythm NDR, an automated network security solution for detecting,
qualifying, investigating and responding to advanced network-borne
threats. While LogRhythm NDR benefits all organizations and security
teams of any size, it is especially well-suited for those with
operational technology (OT) security needs and short-staffed teams.

“Incident response teams need detailed network information and key
forensics insight to investigate incidents — yet they may not have
network forensics expertise, or the time needed for detailed forensic
investigation and packet analysis,” said Jon Oltsik, senior principal
analyst at ESG. “A solution like LogRhythm NDR is a welcome addition to
the marketplace, because it can help provide the automation that
security teams need to detect and respond to threats earlier in their
lifecycle. As a result, LogRhythm NDR can help eliminate time-consuming
manual tasks, while allowing security analysts to focus on the
higher-value activities that require direct human touch.”

This automation is especially important in today’s world, where security
teams are notoriously understaffed. According to a new
study by (ISC)², the world’s largest nonprofit
association of certified cybersecurity professionals, there is a
dramatic deficit of almost three million cybersecurity jobs globally,
putting organizations at greater risk of cyberattack.

“Security teams are often understaffed, overwhelmed by false positives
and lack the necessary network visibility and analytics required to
detect and respond to advanced network-borne threats,” said Chris
Petersen, co-founder and chief product and technology officer at
LogRhythm. “With the introduction of LogRhythm NDR, security teams now
have the necessary visibility, analytics and automation to not only
successfully surface hard-to-see threats, but to also do so faster and
more accurately — no matter how resource-constrained they might be.”

LogRhythm NDR uniquely combines Layer 7 network traffic monitoring, full
packet capture, multi-method threat detection, and workflow automation.
This highly integrated offering empowers organizations to detect and
respond to a wide variety of network-borne threats that might otherwise
fly under the radar.

Uncover Hidden Threats with Deep Network Visibility and Forensics

You can’t detect what you can’t see. LogRhythm NDR leverages appliance
and software sensors that deliver deep network traffic visibility into
data centers, OT infrastructure, remote sites, and public/private cloud.
Notable capabilities include:

  • Application identification and deep meta-data extraction of encrypted
    and unencrypted network sessions
  • Recognition of 19 Supervisory Control and Data Acquisition (SCADA)
    protocols
  • Always-on or selective, full packet capture, enabling full-fidelity
    forensic analysis

Accurate Threat Detection Through Multi-Method Network Threat
Analytics

LogRhythm NDR takes advantage of LogRhythm’s patented and award-winning
security analytics capabilities, combined with on-sensor methods, to
deliver comprehensive, high-accuracy threat detection. Notable threat
detection methods include:

  • Deep inspection of traffic metadata against known indicators of
    compromise (IOCs)
  • Scenario modeling for known tactics, techniques, and procedures (TTPs)
  • Behavior profiling and anomaly detection for insider and zero-day
    threats

Reduced Response Times with High-Efficiency Workflows Powered by
Automation

LogRhythm NDR leverages workflow-integrated security orchestration,
automation and response (SOAR) features to empower security teams of all
sizes to quickly triage, investigate and neutralize threats. Notable
capabilities include:

  • Real-time monitoring of alarms with rapid access to forensic
    information and threat intelligence
  • Case management, delivering secure collaboration and centralization of
    forensic evidence
  • Guided, customizable playbooks for tracking, documenting and enforcing
    defined workflows
  • 100s of automated actions that simplify investigations and enable
    immediate response
  • Metrics for measuring, reporting and improving security team
    effectiveness

LogRhythm NDR is the most comprehensive offering in this rapidly growing
market segment. To offer the same features in support of the full
investigative and response workflow, other vendors often rely on
integrations with other third-party security information and event
management (SIEM), SOAR or network forensics tools. With LogRhythm NDR, security teams
quickly realize improved operational capabilities in support of network
threat detection and response — without requiring sophisticated network
forensics expertise, purchasing and integrating additional tools, or
expanding their staffs.

“The combination of real-time monitoring and full-response capabilities
has been critical for enabling us to detect and respond to threats
quickly and efficiently,” said Dan Ney, enterprise technology security
and risk lead, Baker Tilly. “We’re confident in LogRhythm NDR’s ability
to help other security teams realize the same time to value that
LogRhythm has allowed us to realize.”

LogRhythm NDR is available today. It is priced on an easy per-GBs basis
and available as a subscription. For more information, please visit: https://logrhythm.com/products/logrhythm-ndr/.

About LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering organizations on
six continents to successfully reduce risk by rapidly detecting,
responding to, and neutralizing damaging cyberthreats. The LogRhythm
NextGen SIEM Platform combines user and entity behavior analytics
(UEBA); network detection and response (NDR); and security
orchestration, automation, and response (SOAR) in a single end-to-end
solution. LogRhythm’s Threat Lifecycle Management (TLM) framework serves
as the foundation for the AI-enabled security operations center (SOC),
helping customers measurably secure their cloud, physical, and virtual
infrastructures for both IT and OT environments. Built for security
professionals by security professionals, the LogRhythm NextGen SIEM
Platform has won many accolades.
For more information, visit logrhythm.com.

Contacts

Media Contact:
Jenny Overell
Jenny.Overell@finnpartners.com
415-249-6778
