Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


LogRhythm Extends Holistic Threat Analytics Suite

LogRhythm Extends Holistic Threat Analytics Suite with Endpoint Behavioural Anomaly Detection

Provides Visibility Into Endpoints and User Accounts Compromised by Advanced Threat Actors – Enabling Faster Neutralisation of Intruders and Reduced Risk of Data Breach

According to the 2015 Verizon Data Breach Investigation Report (DBIR), 60 percent of breached organisations were initially compromised within minutes, but for most breached organisations, it took substantially longer to detect the intruders. LogRhythm, The Security Intelligence Company, is helping organisations reduce the time it takes to detect intruders across potential points of entry with the release of its Endpoint Threat Analytics Module.

This latest addition to the company’s Holistic Threat Analytics Suite delivers advanced endpoint behavioural anomaly detection and other machine analytic techniques to identify systems compromised through zero-day attacks and custom malware. The Endpoint Threat Analytics module, combined with LogRhythm’s User and Network Threat Analytics modules, gives organisations a holistic view of threats and intrusions across the broad attack surface.

Many intrusions begin with an attacker compromising an endpoint through targeted spear phishing. Once inside, attackers will compromise additional systems and user accounts. In many cases, hundreds of systems and user accounts will be compromised prior to a data breach being realised. Unfortunately, as the DBIR data indicates, even when the intrusion is widespread, most organisations are ill-equipped to detect quickly the activities of an advanced cyber adversary operating within their environment.

LogRhythm’s Holistic Threat Analytics Suite spots advanced threats by modeling a wide variety of behaviours across the entire IT environment. This approach provides holistic visibility into advanced threat operators when “behavioural shifts” occur as they compromise endpoints, applications and user accounts.

LogRhythm’s Holistic Threat Analytics Suite comprises three analytics modules that can be deployed individually or as a whole based on customers’ threat detection needs and overall risk posture:

• The new Endpoint Threat Analytics Module leverages LogRhythm’s System Monitor sensor for real-time forensic data acquisition and extensive visibility into endpoint activity. This module detects threats such as custom malware compromises, suspicious process and user activity, and local data exfiltration.

• The User Threat Analytics module provides extensive visibility into user activity and detects compromised accounts and other suspicious user activity, including insider threats.

• The Network Threat Analytics module leverages LogRhythm’s Network Monitor sensor for real-time generation of Layer 7 SmartFlow™ data, providing extensive visibility into network communications activity at an application level. This module identifies such threats as remote zero-day attacks, internal scans and probes, suspicious application communications and network-based data exfiltration.

These modules leverage LogRhythm’s patented AI Engine technology that applies machine learning and other machine analytics techniques to highly contextualised log and machine data. When all three modules are deployed, customers can correlate and corroborate advanced threats across the holistic attack surface, realising additional analytics value and increasing their chance of detection.

“A successful intrusion doesn’t have to equal a successful breach if you can detect the intruder early in the threat lifecycle and limit dwell time,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group. “LogRhythm’s Holistic Threat Analytics Suite with the new endpoint anomaly detection capability offers a comprehensive approach to detecting and responding to intruders before they can turn system compromises into damaging data breaches.”

“Advanced threat actors will leverage every possible angle to gain a foothold within their target environment, and they will be successful,” said Chris Petersen, chief technology officer, senior vice president of products and co-founder of LogRhythm. “The best way organisations can be assured of detecting initial compromises quickly is by having visibility across all possible vectors of entry and points of further attack. To achieve this, organisations must be looking for behavioural shifts across user accounts, the network and endpoints.”

The LogRhythm Holistic Threat Analytics Suite, including the User Threat Analytics module, Network Threat Analytics Mmdule and new Endpoint Threat Analytics module, as well as LogRhythm’s supporting Co-Pilot Services, are available today to LogRhythm customers.


© Scoop Media

Business Headlines | Sci-Tech Headlines


Smelter: Tiwai Deal Gives Time For Managed Transition

Today’s deal between Meridian and Rio Tinto for the Tiwai smelter to remain open another four years provides time for a managed transition for Southland. “The deal provides welcome certainty to the Southland community by protecting jobs and incomes as the region plans for the future. The Government is committed to working on a managed transition with the local community,” Grant Robertson said. More>>


Economy: Strong Job Ad Performance In Quarter Four

SEEK Quarterly Employment Report data shows a positive q/q performance with a 19% national growth in jobs advertised during Q4 2020, which includes October, November and December. Comparing quarter 4, 2020, with the same quarter in 2019 shows that job ad volumes are 7% lower...More>>

NIWA: 2020 - NZ’s 7th-warmest Year On Record

The nationwide average temperature for 2020, calculated using stations in NIWA’s seven-station temperature series which began in 1909, was 13.24°C (0.63°C above the 1981–2010 annual average). New Zealand’s hottest year on record remains 2016, when... More>>

Quotable Value New Zealand: Property Market Set To Cool From Sizzling To Warm In 2021

Nostradamus himself could not have predicted the strange series of events that befell our world in 2020 – nor the wild trajectory of New Zealand’s property market, which has gone from “doom and gloom” to “boom and Zoom” in record time. Even ... More>>

PriceSpy: Research Reveals How Shopping Behaviours Have Changed This Christmas

According to a new survey* from PriceSpy , almost 50 per cent of Kiwis are looking to shop locally this Christmas in light of Covid-19; The research also found consumers are changing their shopping habits, with one in seven (14 per cent) getting super-organised ... More>>

Commerce Commission: Noel Leeming Group Warned For Making Delivery Representations Without Reasonable Grounds During COVID-19 Lockdown

Noel Leeming Group has been warned by the Commerce Commission for making delivery representations about two products which, in the Commission’s view, it did not have reasonable grounds for at the time the representations were made. The warning ... More>>