The new release of the LogRhythm Axon cloud-based security information and event management (SIEM) platform helps organizations "seamlessly detect, investigate and respond to potential threats within a security operations center," the business said.
Here are the key features of the new release:
- Automated team workflows through case management allows security analysts to track responses to threats, mitigate duplication of efforts and optimize threat mitigation strategies.
- New Signal Replay feature enables SOC teams to test analytics rules to ensure that detections are optimized for their environments.
- Integration of log source onboarding through centralized management eliminates the need for administrators to navigate several servers and user interfaces to complete onboarding.
- Ability to search common events allows security analysts to find relevant security events across different vendors' log sources without having prior knowledge of the underlying log structure.
- User anomaly detection provides protection against abnormal access attempts into an organization's environment.
LogRhythm Enhances Its SIEM, NDR Solutions
In addition to its Axon updates, LogRhythm has announced enhancements to its SIEM solution:
- Streamlined onboarding of Beats and Open Collectors consists of LogRhythm services that gather and normalize data from various cloud providers in a single location.
- Enhanced API log source onboarding delivers easy management of Open Collectors and Beats.
- Expanded library of supported log sources and parsing improves correlation and analysis.
Meanwhile, LogRhythm has added IP Behind Load Balancer Tracking to its network detection and response (NDR) solution to speed up triage when responding to security incidents, the company said.
This solution also features model output contextualization to further accelerate threat detection and response, LogRhythm indicated.
LogRhythm Offers In-Product Resource Centers
Along with updating its Axon, SIEM and NDR solutions, LogRhythm has created new in-product resource centers for its Axon and LogRhythm solutions to "equip security teams with tools they need to quickly understand how to best utilize the platforms and realize a faster time to value," the company said.
The resource centers provide users with access to tutorials, documentation, release information and the LogRhythm Community for support from the security community, the business stated.
LogRhythm Provides Axon to Australian Organizations
LogRhythm has established a new instance in Australia, ensuring that organizations can utilize Axon to strengthen their security operations and ensure comprehensive protection against cyberattacks, LogRhythm noted.
LogRhythm helps organizations generate insights from threat data and signals. It offers a partner program and has established partnerships with Cimcor, Mimecast and other cybersecurity and technology providers.