LogRhythm Launches Threat Intelligence Ecosystem and Related Security Analytics Suite to Detect High-Risk Cyber Threats

CrowdStrike, Norse, Symantec, ThreatStream and Webroot Join Industry’s First and Only Threat Intelligence Ecosystem

BOULDER, Colo.—August 19, 2014—LogRhythm, The Security Intelligence Company, today announced the launch of its Threat Intelligence Ecosystem, the industry’s first collective of threat intelligence vendors focused on delivering unprecedented security intelligence via a next-generation security analytics and intelligence platform. The inaugural partners of the ecosystem – CrowdStrike, Norse, Symantec, ThreatStream and Webroot – have joined forces with LogRhythm to collaboratively deliver unparalleled visibility and insight to detect today’s sophisticated, high-risk cyber threats. LogRhythm’s Threat Intelligence Ecosystem represents many of the market’s leading commercial vendors of threat intelligence, each employing a variety of differentiated methods and techniques for successfully acquiring, assessing and verifying their threat intelligence.

Detecting and responding to today’s increasingly sophisticated cyber threats requires pervasive, enterprise-wide visibility and advanced machine analytics, tied with rich external context in the form of relevant, accurate and actionable threat intelligence. This threat intelligence includes data such as low-reputation IP addresses and URLs, nefarious email addresses, file names, processes and user agent strings. LogRhythm’s Threat Intelligence Ecosystem enables its award-winning security analytics platform to seamlessly and automatically consume and leverage each ecosystem partner’s unique intelligence. The ecosystem allows customers to choose one or many security intelligence sources, enabling LogRhythm’s platform to deliver faster detection of and response to high-risk cyber threats for mutual customers.

In conjunction with the launch of its Threat Intelligence Ecosystem, LogRhythm has released a corresponding Threat Intelligence Security Analytics Suite to ensure that the threat data unique to each ecosystem partner is accurately captured and recognized by LogRhythm’s Security Intelligence Platform. Mutual customers benefit from LogRhythm’s ability to collect and process all of an organization’s log, flow, event and other machine data, as well as LogRhythm’s endpoint, server and network forensic sensor data, to not only identify activities associated with threat intelligence, but also automatically prioritize incidents corroborated with other high-risk events recognized across the IT environment. This pervasive visibility, combined with the rich context provided by one or more Threat Intelligence Ecosystem partners, enables LogRhythm’s Security Intelligence Platform to deliver even faster detection of and response to cyber threats, driving down false positives and reducing mean time to remediate threats.

“We are excited to launch our ecosystem with several of the industry’s leading providers of threat intelligence,” says Chris Petersen, chief technology officer and co-founder of LogRhythm. “Our ecosystem approach ensures that customers can take advantage of broad-spectrum intelligence, covering the full gamut of threat intelligence methods. When leveraged via LogRhythm’s industry-leading security analytics platform, our out-of-the-box analytics suites ensure customers can quickly and easily leverage ecosystem intelligence towards the most precise detection of high-impact threats possible today.”

LogRhythm’s Threat Intelligence Security Analytics Suite is the latest addition to a growing number of analytics suites developed by LogRhythm Labs and powered by the company’s Security Intelligence Platform. Earlier this month, LogRhythm announced its Honeypot Security Analytics Suite, which enables customers to effectively monitor honeypot activity, capturing and leveraging targeted threat data to fortify network defenses through initiated countermeasures. Other available suites are designed to detect threat vectors such as point-of-sale vulnerabilities, web application exploits and privileged user account misuse.

LogRhythm’s Threat Intelligence Security Analytics Suite is available to customers immediately as part of its award-winning Security Intelligence Platform.

Here’s what several of the Threat Intelligence Ecosystem partners say about the unique collective:

  • CrowdStrike: “CrowdStrike is thrilled to join LogRhythm’s Threat Intelligence Ecosystem and provide operational, strategic and customized intelligence of the threat environment,” said Adam Meyers, vice president of intelligence. “With today’s ever-changing threat landscape, it’s more important than ever to be able to gain context and prioritization into targeted attacks.”
  • Norse: “Norse believes it is important for the security community to work together towards achieving a comprehensive approach to threat intelligence, and LogRhythm’s Threat Intelligence Ecosystem is an important step in that direction,” said Sam Glines, chief executive officer. “While current solutions excel at collecting and analyzing an organization’s internal data, live external threat intelligence like that provided by Norse has proven to provide critical contextual data necessary for the rapid detection of advanced threats enterprises are encountering today.”
  • ThreatStream: “Joining LogRhythm’s Threat Intelligence Ecosystem enhances ThreatStream’s existing ability to deliver community-vetted threat intelligence to customers’ current security infrastructure. It also adds another layer of threat intelligence investigation capabilities to LogRhythm, which helps our customers take more informed and timely actions to cyber threats,” said Sam Davis, vice president of business development. “Because of this, joining LogRhythm’s partner ecosystem was a logical choice. The interoperability provides a proven, open and holistic approach to next-generation network security.”
  • Webroot: “LogRhythm has identified what enterprises need to help them stay ahead of unknown threats, and their Security Intelligence Platform makes it easy to consume,” said Mike Malloy, executive vice president. “Integrating our BrightCloud Security Services provides their customers with the highly accurate threat intelligence that leading security providers have relied on for years.”

About LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering organizations on six continents to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) framework serves as the foundation for the AI-enabled security operations center (SOC), helping customers measurably secure their cloud, physical and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm platform has won many accolades, including being positioned as a Leader in Gartner’s SIEM Magic Quadrant.