
LogRhythm Expands Security Operations Capabilities, Integrations


LogRhythm has unveiled new capabilities and integrations to help security teams detect and resolve cyber threats, according to a prepared statement.

These capabilities extend across four security operations solutions:

1. Axon

Organizations can now access custom and out-of-the-box analytics rules via the LogRhythm Axon security analytics platform, the company said. Axon also offers a markdown widget and a histogram widget to help security teams reduce the time required to find security data, as well as an observation workflow that these teams can use to log observations.

2. Security Information and Event Management (SIEM)

LogRhythm SIEM provides an administrative workflow that improves log source configuration, deployment and management, the company stated. In addition, LogRhythm SIEM offers audit logging to monitor suspicious activity and track user changes, along with an expanded library of log sources.

3. User and Entity Behavior Analytics (UEBA)

LogRhythm has added detection models for Windows systems to its UEBA solution. These models help security teams "quickly uncover hard-to-detect threats," the company indicated.

4. Network Detection and Response (NDR)

LogRhythm has integrated its NDR solution with the Microsoft Endpoint Detection and Response (EDR) solution to help security teams identify and address security blind spots, the company said. The solution also allows security teams to ingest data from the VirusTotal threat investigation tool and offers user interface enhancements.

The new security capabilities and integrations simplify the lives of security analysts, LogRhythm Chief Product and Customer Officer Kish Dill said. As such, they enable security teams to detect threats faster than ever before.

LogRhythm, SentinelOne Announce Integration

The new LogRhythm security operations upgrades come after the company partnered with SentinelOne in December 2022. Together, the companies launched an integration that combines LogRhythm's security analytics with endpoint telemetry from SentinelOne. The integration also uses the LogRhythm SmartResponse capability and the SentinelOne API to automate responses to various malicious activities.

LogRhythm offers security solutions that blend SIEM, log management, file integrity monitoring and machine analytics. The company provides a partner program that allows MSSPs to integrate its security operations capabilities into their offerings.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.