Cyber threat defense, detection and response platform

LogRhythm announced LogRhythm 6.0, an evolution to its SIEM 2.0 security intelligence platform with significant innovations in cyber threat defense, detection and response.

The platform addresses the rapidly evolving sophistication in cyber threats, intrusions and data breaches with advanced threat detection, automated intelligent response, compliance automation and assurance and expanded embedded expertise.

LogRhythm 6.0 enables organizations to cast a spotlight on the most likely targets of an attack. By combining situational awareness and target profiling with host and user activity monitoring and correlation and pattern recognition, organizations can detect suspicious and threatening activity faster and more accurately. Additionally, it introduces targeted information delivery, a selection of customizable interfaces tailored to ensure the right information gets to the right people at the right time, and in a format suited to their specific role and job function.

Organizations need the assistance of intelligent, automated remediation and the granular controls to ensure immediate action is taken when appropriate and escalation for remediation approval occurs when warranted. The platform empowers organizations with SmartRemediation, intelligent process-driven capabilities to automatically take action in response to any alarm. SmartRemediation delivers immediate action when threats or breaches are identified, internal or compliance-specific policies are violated, or critical operational thresholds are crossed. Responses can be immediate and fully automated or leverage the optional workflow-aligned approval process for up to three levels of approvals required to trigger a specific remediation action.

LogRhythm 6.0 advances security intelligence through the introduction of Knowledge Modules, pre-packaged, tailored content aligned with specific regulatory mandates, use cases or functions being performed by specific users of the LogRhythm platform. Knowledge modules contain pre-built reports, investigations, alerts, AI Engine pattern recognition or correlation rules, lists, layouts, remediation plug-ins or widgets. Users can opt-in to any and all modules they deem relevant to their use of the LogRhythm platform.

Once selected, modules can be rapidly applied to customer environments and automatically propagated throughout the LogRhythm platform. Knowledge modules provide LogRhythm customers with continuous research, insight and intelligence related to threats, responses and regulatory mandates, along with the tools, templates and best-practices they need to harness this embedded expertise.

LogRhythm 6.0 also features performance increases of up to four times that of LogRhythm’s 5.1 version. Advances in LogRhythm’s proprietary data architecture and new high performance database techniques have resulted in better speeds in indexing, reporting and search as well as a 2X increase in storage efficiency for indexed and raw logs.