Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

10/9/2015
11:35 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

LogRhythm 7 Accelerates Cyber Threat Detection & Response via Revolutionary Search, Optimization in Processing and Indexing

Extends Efficiencies and Effectiveness of Next-Gen SOCs

BOULDER, Colo.—October 8, 2015LogRhythm, The Security Intelligence Company, today unveiled LogRhythm 7, a major upgrade to its leading security intelligence and analytics platform. New innovations in search, scalability, performance and security operations efficiencies will help organizations detect and respond faster to advanced cyber threats.

Version 7 of the LogRhythm security intelligence and analytics platform provides the visibility, automation and incident response orchestration capabilities required by the next-generation security operations center (SOC). The platform accomplishes this by collecting information from hundreds of thousands of disparate data sources, then analyzing and prioritizing the data and events. The resulting information becomes instantly available to SOC personnel.

In its 2015 Global Cost of Data Breach Study, the Ponemon Institute cited a continual rise in cyber attack frequency and the costs associated with resolving cyber incidents. As such, IT teams must increase their visibility and analytics capabilities to detect intruders faster and enable rapid, efficient and precise response to avoid a material breach or high-impact cyber incident.

“The sophistication and resolve of today’s cyber adversaries continue to rise, as does the number of successful intrusions,” said Chris Petersen, senior vice president of products, CTO and co-founder at LogRhythm. “But an intrusion doesn’t have to lead to a major breach or cyber incident. The innovations in LogRhythm 7 empower IT security teams to detect, respond to and neutralize cyber intruders faster and more efficiently.”

“LogRhythm 7's incident response orchestration and SmartResponse™ automation capabilities are helping us detect and respond to threats faster than ever,” said Gary Kay, senior information security manager at Checkers Drive-In Restaurants. “Our IT environment is geographically dispersed and ever-evolving, so LogRhythm is an essential tool.”

LogRhythm 7 delivers an abundance of innovation and security intelligence breakthroughs including:

·       Elasticsearch™-Based Indexing to Expedite Investigations: LogRhythm’s new data indexing architecture delivers improved speed and precision of search. The introduction of Elasticsearch enables powerful full-text unstructured search capabilities. When combined with LogRhythm’s contextual search, users benefit from a highly intuitive search experience that provides the power and precision to get to the right data fast—resulting in faster investigations and faster response.

·       Architectural Advancements to Harness and Manage Big Data More Efficiently: LogRhythm 7 introduces significant software innovations and architectural improvements at the data processing and indexing tier.

o   Up to 300 percent improvement in data indexing performance on a per-node basis.

o   The ability to separately and optimally scale data processing and data indexing.

o   Active/active high-availability data processing and indexing.

o   The introduction of Elasticsearch and clustering at the indexing tier.

 

With these combined improvements, LogRhythm 7 supports massive data management workloads with less compute and storage resources, while delivering high availability. Software efficiencies, combined with our focus on ease-of-use, will help customers realize continued lower cost of ownership.

 

·       Powering the Next-Gen SOC

LogRhythm 7 offers myriad innovations that make SOC personnel and management more efficient and informed across monitoring, investigation and incident response workflows. As a whole, these improvements help organizations realize improved operational effectiveness of existing staff, while reducing mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to threats.

 

·       New Real-Time Threat Activity Map provides powerful, interactive visualizations depicting geographic origin and targets of active threats, empowering SOC analysts to detect and respond more quickly to concerning attack patterns.

·       New Risk-Based-Scoring Algorithm uses environmental threat and risk factors to yield a higher level of precision in prioritizing alarms, enabling more efficient, risk-aligned monitoring operations.

·       Incident Response Orchestration Advancements improves support for customized SOC workflows, cross-team collaboration capabilities and management visibility into active incidents.

·       Extensions to the SmartResponse™ Automation Framework enable multiple pre-staged actions from a single alarm, as well as centralized management of actions from remote locations. These extensions also allow customers to automate a variety of common investigatory and remediation actions at the endpoint, such as scanning an attacked endpoint and/or quarantining it from the network, easily and effectively.

 

“Today’s next-gen SOC personnel require highly scalable and extremely efficient solutions to detect intruders quickly and initiate appropriate countermeasures fast enough to avoid a material data breach,” said Chris Kissel, industry analyst for Frost and Sullivan. “LogRhythm optimizes enterprise security monitoring, detection and response programs by delivering an integrated product line that supports the end-to-end detection and response workflow. With LogRhythm 7, the company is once again demonstrating its innovation leadership in security intelligence through its use of Elasticsearch, powerful visualizations via its new real-time threat map and with a number of extensions to its automated response framework.” 

 LogRhythm 7 is available immediately. For more information, visit http://www.logrhythm.com/logrhythm-7/

 About LogRhythm

LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s award-winning platform unifies next-generation SIEM, log management, network and endpoint monitoring and forensics, and security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides innovative compliance automation and assurance, and enhanced IT intelligence.

 

Consistently recognized by third-party experts, LogRhythm has been positioned as a Leader in Gartner’s SIEM Magic Quadrant report for four consecutive years and scored highest in Gartner’s Critical Capabilities for Security Information and Event Management, named a "Champion” in Info-Tech Research Group’s 2014-15 SIEM Vendor Landscape report, earned the SANS Institute’s “Best of 2014” award in SIEM and received the SC Magazine Reader Trust Award for “Best SIEM Solution” in April 2015. Additionally, the company earned Frost & Sullivan’s 2015 Global Security Information and Event Management (SIEM) Enabling Technology Leadership Award. LogRhythm is headquartered in Boulder, Colorado with operations throughout North and South America, Europe, the Middle East and the Asia Pacific region.

 

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.