LogRhythm 7 Accelerates Cyber Threat Detection and Response via Revolutionary Search, Optimisation in Processing and Indexing
Extends Efficiencies and Effectiveness of Next-Gen SOCs
LogRhythm, The Security Intelligence Company, today unveiled LogRhythm 7, a major upgrade to its leading security intelligence and analytics platform. Innovations in search, scalability, performance and security operations efficiencies will help organisations detect and respond faster to advanced cyber threats.
Version 7 of the LogRhythm security intelligence and analytics platform provides the visibility, automation and incident response orchestration capabilities required by the next-generation security operations centre (SOC). The platform accomplishes this by collecting information from hundreds of thousands of disparate data sources, then analysing and prioritising the data and events. The resulting information becomes instantly available to SOC personnel.
In its 2015 Global Cost of Data Breach Study, the Ponemon Institute cited a continual rise in cyber attack frequency and the costs associated with resolving cyber incidents. As such, IT teams must increase their visibility and analytics capabilities to detect intruders faster and enable rapid, efficient and precise response to avoid a material breach or high-impact cyber incident.
“The sophistication and resolve of today’s cyber adversaries continue to rise, as does the number of successful intrusions,” said Chris Petersen, senior vice president of products, CTO and co-founder at LogRhythm. “But an intrusion doesn’t have to lead to a major breach or cyber incident. The innovations in LogRhythm 7 empower IT security teams to detect, respond to and neutralise cyber intruders faster and more efficiently.”
“LogRhythm 7's incident response orchestration and SmartResponse™ automation capabilities are helping us detect and respond to threats faster than ever,” said Gary Kay, senior information security manager at Checkers Drive-In Restaurants. “Our IT environment is geographically dispersed and ever-evolving, so LogRhythm is an essential tool.”
LogRhythm 7 delivers an abundance of innovation and security intelligence breakthroughs including:
• Elasticsearch™-Based Indexing to Expedite Investigations: LogRhythm’s new data indexing architecture delivers improved speed and precision of search. The introduction of Elasticsearch enables powerful full-text unstructured search capabilities. When combined with LogRhythm’s contextual search, users benefit from a highly intuitive search experience that provides the power and precision to get to the right data fast—resulting in faster investigations and faster response.
• Architectural Advancements to Harness and Manage Big Data More Efficiently: LogRhythm 7 introduces significant software innovations and architectural improvements at the data processing and indexing tier.
  o Up to 300 percent improvement in data indexing performance on a per-node basis.
  o The ability to separately and optimally scale data processing and data indexing.
  o Active/active high-availability data processing and indexing.
  o The introduction of Elasticsearch and clustering at the indexing tier.
With these combined improvements, LogRhythm 7 supports massive data management workloads with less compute and storage resources, while delivering high availability. Software efficiencies, combined with our focus on ease-of-use, will help customers realise continued lower cost of ownership.
• Powering the Next-Gen SOC: LogRhythm 7 offers myriad innovations that make SOC personnel and management more efficient and informed across monitoring, investigation and incident response workflows. As a whole, these improvements help organisations realise improved operational effectiveness of existing staff, while reducing mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to threats.
  o New Real-Time Threat Activity Map provides powerful, interactive visualisations depicting geographic origin and targets of active threats, empowering SOC analysts to detect and respond more quickly to concerning attack patterns.
  o New Risk-Based-Scoring Algorithm uses environmental threat and risk factors to yield a higher level of precision in prioritising alarms, enabling more efficient, risk-aligned monitoring operations.
  o Incident Response Orchestration Advancements improve support for customised SOC workflows, cross-team collaboration capabilities and management visibility into active incidents.
  o Extensions to the SmartResponse™ Automation Framework enable multiple pre-staged actions from a single alarm, as well as centralised management of actions from remote locations. These extensions also allow customers to automate a variety of common investigatory and remediation actions at the endpoint, such as scanning an attacked endpoint and/or quarantining it from the network, easily and effectively.
“Today’s next-gen SOC personnel require highly scalable and extremely efficient solutions to detect intruders quickly and initiate appropriate countermeasures fast enough to avoid a material data breach,” said Chris Kissel, industry analyst for Frost and Sullivan. “LogRhythm optimises enterprise security monitoring, detection and response programs by delivering an integrated product line that supports the end-to-end detection and response workflow. With LogRhythm 7, the company is once again demonstrating its innovation leadership in security intelligence through its use of Elasticsearch, powerful visualisations via its new real-time threat map and with a number of extensions to its automated response framework.”
LogRhythm 7 is available immediately. For more information, visit http://www.logrhythm.com/logrhythm-7/