SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
LogRhythm expand security operations with enhanced analytics
Thu, 26th Jan 2023

LogRhythm has announced a series of expanded capabilities and integrations for its security operations solutions. The updates propel LogRhythm’s ability to be a much-needed force multiplier for overwhelmed security teams who are expected to confidently, effectively, and efficiently defend against cyberattacks. 

Following the October launch of LogRhythm Axon, a cloud-native security operations platform, the company is introducing new visualizations and powerful analytics that offer seamless visibility into potential security risks. Designed to streamline the experience of security analysts, Axon and its latest updates make it easier for teams to detect, investigate, and report on potential threats, reducing the burden of managing threats and the operating infrastructure. 

“On a daily basis, we strive to empower lean and overburdened security teams with the most intuitive experience and contextual analytics,” says Chris O’Malley, CEO of LogRhythm. 

“By continuously working to fulfil that mission and deliver innovation that matters to customers every quarter, we are delivering on our promise of helping customers quickly reduce noise and secure their environment so that they can concentrate on safely competing in the digital age where fast beats slow.” 

“Axon has already given our team the tools to effectively analyze our environment and improve our security posture," adds Eric L., Network Engineer at a global manufacturing company. 

“Data collection and correlation to detect threats and respond can be time-consuming. Axon gives us an intuitive interface to perform complex searches on data to filter in what really matters. We cannot wait to use the powerful analytics tools that will quickly surface threats.”

This quarter's enhancements span LogRhythm's product portfolio to collectively enable SOC teams to detect and resolve threats more quickly, improving analyst productivity and effectiveness. 

Additional enhancements and integrations with LogRhythm’s Axon, SIEM, NDR, and UEBA solutions are also being released in this quarterly rollout.

For LogRhythm Axon, these include new custom and out-of-the-box analytics rules, including rules for MITRE ATT&CK detections. The second addition is the new markdown widget, and the histogram widget cuts down on time spent searching for data. The third feature is an easy investigation of log observations raised by analytics through the Observation Workflow.
For LogRhythm SIEM, these include improved administrative workflow for collection and shortened time to configure, deploy, and manage log sources that require Open Collector. The second addition is enhanced audit logging, which makes monitoring suspicious activity easier and tracking when users make important changes. The third feature is the updated and expanded LogRhythm’s library of supported log sources.

For LogRhythm UEBA, the new feature is detection models for Windows systems to uncover hard-to-detect threats quickly.

For LogRhythm NDR, these include improved blind spot detection and endpoint visibility through integration with Microsoft EDR. The second addition is easily ingesting data from VirusTotal with a new configuration page. The third feature is improved analyst experience with expanded UI improvements.

“This quarter, we are especially excited about the number of groundbreaking and enhanced capabilities coming to our market-leading solutions,” says Kish Dill, Chief Product and Customer Officer of LogRhythm. 

“These enhancements and integrations have been curated with the goal of simplifying the lives of security analysts and enabling them to detect threats faster through seamless visibility, enhanced collection, and an intuitive analyst experience.”