LogRhythm, The Security Intelligence Company, today released new Case Management, Search and Analysis features that enable customers to expedite the detection and qualification of high-impact threats, reduce response times and neutralise damaging cyber-attacks.
Available immediately in LogRhythm’s award-winning Security Intelligence Platform, the company’s latest innovations address a critical and unmet need for greater efficiency and precision in the cyber threat investigation process. They reduce the mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to cyber threats.
“In today’s complex security landscape, it’s never been more important to be able to foster collaboration between multiple team members to expedite the evaluation, prioritisation and response to threats,” said Bill Taylor, Vice President and General Manager, APJ for LogRhythm. “Our highly intuitive and customisable UI, new Case Management and Search and Analysis features make that collaboration more seamless and effective. And, investigations to address and mitigate threats and operational issues can be conducted faster than ever before.”
The growing complexity and sophistication of today’s cyber threats, coupled with an ever-increasing volume of data in which key threat indicators are hidden, necessitates a more coordinated and efficient approach to threat detection and incident response. Information security teams are limited in their ability to prioritise investigations, efficiently gather evidence, centrally track progress and quickly foster collaboration and escalate to more qualified staff.
LogRhythm’s new advanced Search and Analysis capabilities leverage the platform’s highly intuitive and customisable user interface to make the process of crafting targeted searches even faster, which reduces overall time spent on investigations. Its Case Management features provide efficient organisation and central access to all pertinent data surrounding a suspected threat, delivering streamlined workflow and collaboration features that support the full investigation and response process.
“Security teams are struggling with alarm fatigue, too often chasing down the wrong alarms, missing the important ones, and doing all of it inefficiently. We built Case Management, and integrated it directly into our Security Intelligence platform, to optimally enable the security analyst and incident response function, delivering the end-to-end Threat Lifecycle Management™ capabilities required to dramatically reduce the time it takes to detect and respond to threats,” said Chris Petersen, co-founder/CTO at LogRhythm. “These latest innovations speak to LogRhythm’s focus on solving the most pressing challenge CISOs face today – quickly detecting and responding to those threats that could bring harm.”
Highlights of the newly released innovations include:
- Accelerated discovery and qualification of incidents
- Users create a case or escalate an incident with one click from any screen within the LogRhythm user interface.
- Security analysts can set case prioritisation, assignment and view tracking of workloads.
- Improved efficiency of the cyber threat investigation process
- New search creation and quick search pivoting capabilities allow targeted analysis of pertinent forensic information, revealing critically important context to assess the scope of impact and severity of an incident.
- Case provides a single repository of all pertinent data and an ability to quickly add key evidence such as alarm data, log data, log visualisations and external data, such as packet capture and files.
- Case Evidence, available throughout the user interface, provides immediate accessibility to all data associated with a specific case.
- Faster and more efficient response and remediation
- Case dashboard provides real-time visibility into case and incident management activity, including a real-time “news feed” of all investigation and response activity.
- Integration with LogRhythm’s SmartResponse™ feature enables immediate countermeasures and containment actions directly from within a case.
“Enterprise Strategy Group (ESG) research indicates that many organisations remain challenged with their processes around detecting and responding to security events. Furthermore, these security tasks are only getting more complex as security teams collect, process and analyse more and more data,” said Jon Oltsik, senior principal analyst at ESG. “With its latest software release, LogRhythm provides additional capabilities that can help security professionals improve the efficacy and efficiency of security investigations, thus helping them address problems before they turn into major security breaches.”