sb-as logo
Story image

LogRhythm dips toes into UEBA market to defend against user-based threats

05 Feb 2018

LogRhythm is dipping its toes into the User and Behaviour Analytics (UEBA) market for organisations that aren’t able to replace their existing legacy solutions - and to protect against insider threats, account takeovers, as well as privilege abuse and misuse.

According to the company, some firms aren’t able to replace their existing legacy Security Information and Event Management (SIEM) solutions – however, a standalone UEBA is able to fit in right alongside.

LogRhythm decided to take an approach to UEBA that is ‘distinct’ in the marketplace by incorporating in-depth analysis of both unknown and known threats. It also uses machine and cloud-based analytics as part of a standalone platform.

According to a recent LogRhythm study, 88% of security professionals name insider threats as a growing concern for their organisation.

LogRhythm VP of products Chris Brazdziunas explains the company’s entrance into the UEBA market by saying that organisations are ‘under siege’ from a variety of threat actors.

 “Meanwhile, many security teams face significant obstacles securing qualified personnel to combat these threats. These challenges are sometimes heightened by organisational pressure to relax controls to unlock business productivity.”

“UEBA arms organisations to detect and respond to user-based threats. Analysts are provided evidence-based starting points for investigation, rich visualisations for effective analysis, and direct access to data for rapid response," Brazdziunas concludes.

The company designed its solution to also conduct analysis of areas such as customer feedback for better accuracy; and the collection of threat training data across an entire organisation and its extended customer footprint.

LogRhythm says this collection strategy makes the product smarter and faster, particularly in situations surrounding insider threats, account takeovers, as well as privilege abuse and misuse.

“A significant number of large enterprises are replacing their legacy SIEMs with LogRhythm’s next-gen platform, but not every organisation is able to do that today,” comments LogRhythm’s vice president of marketing and business development, Matt Winter.

 “With LogRhythm UEBA, customers that aren’t yet ready for full replacement no longer have to settle for an unproven and functionally limited ‘SIEM helper’ or similar point product to get more value out of their existing SIEMs. Instead, LogRhythm now offers them a full-featured solution that’s architected to scale, can seamlessly grow with them as their needs evolve and has been repeatedly proven in large global deployments.”

LogRhythm UEBA is a standalone version of the LogRhythm product set for non-LogRhythm Enterprise or XM customer environments. The product is commercially available, and pricing is based on a per-user model, with hardware included through a subscription.

Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
Five Eyes nations want legal access to backdoors to fight 'illegal content'
The nations argue that encryption can make the enforcement of public safety difficult, particularly when it comes to serious problems like child exploitation. More
Story image
How are industrial enterprises faring with the rise of cyber threats?
The majority of industrial enterprises face an increase in cyber threats since the COVID-19 pandemic began, according to a new report from Claroty titled The Critical Convergence of IT and OT Security in a Global Crisis.More
Story image
Radware launches DDoS protection for online gaming
“Online games are a massive, multi-billion-dollar industry, but they frequently fall victim to powerful and targeted DDoS attacks,"More
Story image
NordVPN upgrades infrastructure with launch of colocated servers
"The greatest advantage of having colocated servers is their complete ownership, which guarantees access only by our authorised people."More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More