
LogRhythm, D3 Security Automate Threat Management


LogRhythm has integrated its Axon security information and event management (SIEM) solution with the D3 Security Smart SOAR (security orchestration, automation and response) platform's incident enrichment and response capabilities, according to the businesses.

In doing so, LogRhythm and D3 are providing security teams with "a powerful, integrated solution to streamline their security operations," the companies said.

LogRhythm Takes a "Significant Step Forward"

Cyber threats are evolving and continue to multiply, LogRhythm CISO Andrew Hollister said. As such, it is critical for organizations to have the tools and capabilities to respond to these threats.

The D3 partnership represents a "significant step forward in empowering security teams to navigate the complexities of today's threat landscape with confidence," Hollister pointed out.

LogRhythm-D3 Security Integration Speeds Up Incident Response

Security teams can use LogRhythm Axon SIEM with D3 Smart SOAR to identify behavioral anomalies and internal and external threats, the businesses indicated.

Axon SIEM alerts can trigger automated response actions orchestrated by Smart SOAR, which helps security teams respond to incidents quickly, the businesses said. In addition, Axon SIEM and Smart SOAR automate incident response workflows, removing repetitive manual tasks like data enrichment and correlation.

LogRhythm and D3 Simplify Security for MSSPs

With LogRhythm Axon SIEM and D3 Smart SOAR, MSSPs can oversee multiple customer instances from a single interface, the companies indicated. This eliminates the need for MSSPs to switch between multiple screens.

Furthermore, MSSPs can manage multiple Axon SIEM tenants within Smart SOAR, the companies noted. They can also utilize playbooks to automatically ingest and deploy configurations such as analytic rules, searches, dashboards and reports.

LogRhythm Updates Axon SIEM

The D3 partnership announcement comes after LogRhythm released a new version of Axon SIEM in October 2023.

Key features of LogRhythm's latest Axon SIEM release include:

  • Automated team workflows through case management
  • Signal Replay feature that enables security operations center (SOC) teams to test analytics rules to ensure that detections are optimized for their environments
  • Integration of log source on-boarding through centralized management
  • Ability to search common events that allows security analysts to find relevant security events across different vendors' log sources without having prior knowledge of the underlying log structure
  • User anomaly detection that protects against abnormal access attempts into an organization's environment

LogRhythm provides products and solutions that organizations can use to pinpoint cyber threats and respond to them with speed and efficiency, the company said. It offers a partner program that allows MSSPs, MSPs and other technology providers to use its products and solutions to deliver endpoint monitoring and threat detection, cloud security monitoring, and cybercrime and fraud detection services.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.