The new release of the LogRhythm Axon cloud-based security information and event management (SIEM) platform helps organizations "seamlessly detect, investigate and respond to potential threats within a security operations center," the business said.

Here are the key features of the new release:

- Automated team workflows through case management allow security analysts to track responses to threats, mitigate duplication of efforts and optimize threat mitigation strategies.
- New Signal Replay feature enables SOC teams to test analytics rules to ensure that detections are optimized for their environments.
- Integration of log source onboarding through centralized management eliminates the need for administrators to navigate several servers and user interfaces to complete onboarding.
- Ability to search common events allows security analysts to find relevant security events across different vendors' log sources without having prior knowledge of the underlying log structure.
- User anomaly detection provides protection against abnormal access attempts into an organization's environment.

LogRhythm Enhances Its SIEM, NDR Solutions

In addition to its Axon updates, LogRhythm has announced enhancements to its SIEM solution:

- Streamlined onboarding of Beats and Open Collectors consists of LogRhythm services that gather and normalize data from various cloud providers in a single location.
- Enhanced API log source onboarding delivers easy management of Open Collectors and Beats.
- Expanded library of supported log sources and parsing improves correlation and analysis.

Meanwhile, LogRhythm has added IP Behind Load Balancer Tracking to its network detection and response (NDR) solution to speed up triage when responding to security incidents, the company said.

This solution also features model output contextualization to further accelerate threat detection and response, LogRhythm indicated.




