LogRhythm, Trend Micro Partner for Automated Threat Detection and Response
LogRhythm, a security information and event management (SIEM) platform provider, and cloud and endpoint security company Trend Micro have announced an integration to help security teams speed up threat detection and response.
How the Partnership Works
The integration allows security teams to use the LogRhythm SIEM platform to collect and analyze logs from the Trend Micro Vision One solution, the companies said. LogRhythm SIEM ingests these logs, and the SmartResponse for Trend Micro feature automatically block-lists hashes, IP addresses, domain URLs or mailboxes when it detects suspicious activity.
Security teams can then isolate endpoints to run investigations and resolve security issues. Or, if a detected threat warrants additional analysis of a potentially compromised file, security teams can submit the file to Vision One for review.
In addition, security teams can use the LogRhythm-Trend Micro integration to correlate threat detection and activity data across multiple security layers, the companies noted. They also can generate insights for end-user, network and endpoint behaviors across their IT environments and find ways to protect against cyberattacks and data breaches.
LogRhythm Explores Cybersecurity Integrations
Along with Trend Micro, LogRhythm has announced several cybersecurity integrations dating back to 2022, including:
- Microsoft. LogRhythm integrated its network detection and response (NDR) solution with the Microsoft Endpoint Detection and Response (EDR) solution to help security teams identify and address security blind spots.
- SentinelOne. Security teams can use LogRhythm’s security analytics with endpoint telemetry from SentinelOne to protect their organizations against threats and generate security analytics.
- Gigamon. Security teams can utilize LogRhythm SIEM and the Gigamon Hawk Deep Observability Pipeline to identify behavioral anomalies and internal and external threats.
LogRhythm provides SIEM, security orchestration, automation and response (SOAR) and other security solutions to global organizations. It also offers a partner program that enables MSSPs, MSPs and other technology providers to integrate its SIEM platform’s capabilities into their portfolios.