New versions of LogRhythm’s SIEM platform, NDR and UEBA solutions increase efficiency and improve security for customers
LogRhythm, the company that helps busy and lean security teams save the day, today announced the release of version 7.9 of the LogRhythm SIEM platform and updates to LogRhythm NDR and LogRhythm UEBA.
“LogRhythm arms security teams with intelligent analytics and automated responses to reduce cybersecurity exposure, eliminate blind spots and quickly stop attacks,” said Kish Deal, LogRhythm’s chief product and customer officer. “The company is changing the way we work by becoming customer-centric across our entire organization. We listen to our customers and promise to deliver quarterly innovations that solve the problems our customers face every day. We understand that security teams don’t have time for long processes and inefficient workflows. With these latest updates, security teams will have the tools they need to make operations more efficient and effective to protect their organization against today’s major threats.”
LogRhythm 7.9, LogRhythm NDR (formerly MistNet NDR), and LogRhythm UEBA (formerly CloudAI) deliver new features designed to help security teams overcome daily obstacles by accelerating threat response, improving workflows, and simplifying processes, including:
Faster time to assessment thanks to improved analyst workflows
- Improved automation with the Admin API: LogRhythm 7.9 improves the Admin API by adding management endpoints for the system monitoring agent (LogRhythm SysMon) to the API library. SIEM administrators can connect via the Admin API and manage the SysMon agent, enabling automated batching of processes.
- Built-in expertise: LogRhythm accelerates customer time estimation with standard LogRhythm SmartResponse™. LogRhythm 7.9 adds new and improved SmartResponses to its already extensive library of over 120 integrations.
- Enable packet capture in the UI: LogRhythm NDR users can download PCAP files for specific incidents and cases to obtain more detailed information, aiding investigations and improving threat detection.
- Easier and faster event log filtering: LogRhythm 7.9 includes a new way to filter logs in the agent. Users can now select the types of Windows event logs that the agent requests, which speeds up log processing time and relieves the collection pipeline.
Advanced threat detection capabilities
- Improved LogRhythm NDR detection models: Users can detect a wider range of ransomware attacks with LogRhythm NDR’s enhanced analytics capabilities.
- Advanced analytics models: LogRhythm UEBA offers advanced UEBA analytics as a cloud-based, easy-to-deploy add-on for LogRhythm 7.9 users. Models have been improved and new ones added to ensure detection of today’s sophisticated attacks and of anomalies that require priority attention, further reducing alert fatigue and speeding response time.
- Policy Violation Alerts: LogRhythm NDR offers alerts on expired certificates, weak ciphers used in connections, and authentication actions that occur in clear text, offering additional context on what might represent a risk.
- Controlled overruns with powerful license measurement reports: LogRhythm added a new reporting feature to make license overages more visible and easier to understand by displaying overages for the last 30 days. This feature will help teams better manage license usage and costs.
- Advanced endpoint integration: LogRhythm now includes Cisco Secure Endpoint (formerly AMP for Endpoints) in its family of EDR integrations.
To learn more about LogRhythm solutions, schedule a demo with a LogRhythm expert.
LogRhythm helps busy and lean security teams save the day, day after day. Security professionals have a lot on their shoulders: the reputation and success of their company, the safety of citizens and organizations around the world, the safety of critical resources, the burden of protecting the world.
LogRhythm helps ease that burden. The company is on the front lines of defense against many of the world’s most significant cyberattacks and empowers security teams to navigate the ever-changing threat landscape with confidence. As allies in the fight, LogRhythm brings together a comprehensive and flexible security operations platform, technology partnerships and consulting services to help SOC teams close the gaps. Together, LogRhythm and our customers are ready to protect. Learn more at logrhythm.com.