LogRhythm Adds Cloud-Based Machine Learning to Threat Management Platform

LogRhythm, a company that offers security intelligence solutions to MSPs, MSSPs and resellers, has introduced CloudAI cloud-based security analytics for its Threat Lifecycle Management (TLM) platform.

CloudAI leverages machine learning to automate the detection of advanced threats through self-evolving, cloud-based analytics, LogRhythm said in a prepared statement. It uses artificial intelligence (AI) to detect cyber threats that employ unknown attacks and methods, LogRhythm stated, and provides security teams with visibility into emerging and active user-based threats.

In addition, CloudAI detects emerging and advanced threats based on deep analysis of observed activities and behavioral shifts, LogRhythm noted. It uses supervised machine learning and real-world feedback from LogRhythm's global customer base, the company indicated, and provides high-accuracy threat detection to reduce false positives and alert fatigue.

CloudAI is available as a fully integrated, add-on subscription service that is delivered from the cloud, LogRhythm said. It does not require additional hardware or software, the company pointed out, and can help streamline security administration and management.

What Is the TLM Platform?

The TLM platform unites AI, data lake technology, security analytics and security automation and orchestration into a single end-to-end solution, according to LogRhythm. It empowers MSPs, MSSPs and security operations center (SOC) teams to sort "through the noise," LogRhythm said, to identify and investigate high-priority cyber threats.

TLM platform capabilities include:

  • Forensic Data Collection: Allows users to collect log and machine data from across an enterprise and supplements this machine data with critical context.
  • Incident Response Orchestration: Provides central access to all forensic investigation information for rapid recovery.
  • Machine Analytics: Evaluates all collected data and detects both routine and advanced threats automatically.

Partner Alliances

LogRhythm has also been active on the partner and alliance fronts. In May, the company announced the Technology Alliance Partner (TAP) program to complement its TLM platform.

The TAP program promotes interoperability between the TLM platform and partner technologies, LogRhythm said. It enables partners to add functionality to the TLM platform, LogRhythm indicated, to accelerate threat detection, response and neutralization.

LogRhythm today offers access to its security intelligence platform as part of its MSP and MSSP partner program. With this program, MSPs and MSSPs can deliver unified security information and event management (SIEM), log management, network and endpoint monitoring and forensics, and security analytics, LogRhythm said.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.