Story image

LogRhythm dips toes into UEBA market to defend against user-based threats

05 Feb 2018

LogRhythm is dipping its toes into the User and Behaviour Analytics (UEBA) market for organisations that aren’t able to replace their existing legacy solutions - and to protect against insider threats, account takeovers, as well as privilege abuse and misuse.

According to the company, some firms aren’t able to replace their existing legacy Security Information and Event Management (SIEM) solutions – however, a standalone UEBA is able to fit in right alongside.

LogRhythm decided to take an approach to UEBA that is ‘distinct’ in the marketplace by incorporating in-depth analysis of both unknown and known threats. It also uses machine and cloud-based analytics as part of a standalone platform.

According to a recent LogRhythm study, 88% of security professionals name insider threats as a growing concern for their organisation.

LogRhythm VP of products Chris Brazdziunas explains the company’s entrance into the UEBA market by saying that organisations are ‘under siege’ from a variety of threat actors.

 “Meanwhile, many security teams face significant obstacles securing qualified personnel to combat these threats. These challenges are sometimes heightened by organisational pressure to relax controls to unlock business productivity.”

“UEBA arms organisations to detect and respond to user-based threats. Analysts are provided evidence-based starting points for investigation, rich visualisations for effective analysis, and direct access to data for rapid response," Brazdziunas concludes.

The company designed its solution to also conduct analysis of areas such as customer feedback for better accuracy; and the collection of threat training data across an entire organisation and its extended customer footprint.

LogRhythm says this collection strategy makes the product smarter and faster, particularly in situations surrounding insider threats, account takeovers, as well as privilege abuse and misuse.

“A significant number of large enterprises are replacing their legacy SIEMs with LogRhythm’s next-gen platform, but not every organisation is able to do that today,” comments LogRhythm’s vice president of marketing and business development, Matt Winter.

 “With LogRhythm UEBA, customers that aren’t yet ready for full replacement no longer have to settle for an unproven and functionally limited ‘SIEM helper’ or similar point product to get more value out of their existing SIEMs. Instead, LogRhythm now offers them a full-featured solution that’s architected to scale, can seamlessly grow with them as their needs evolve and has been repeatedly proven in large global deployments.”

LogRhythm UEBA is a standalone version of the LogRhythm product set for non-LogRhythm Enterprise or XM customer environments. The product is commercially available, and pricing is based on a per-user model, with hardware included through a subscription.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.
Red Box gains compliance boost with new partnership
By partnering with Global Relay, voice platform provider Red Box is improving the security of its offerings for high-value and risk voice data.