LogRhythm Accelerates Detection and Response to Cyber Threats with New Case Management and Advanced Search Features

Latest Release of Award-Winning Security Intelligence Platform Bolsters Efficiency and Precision of Handling High-Impact Incidents

BOULDER, Colo.—January 21, 2015—LogRhythm, The Security Intelligence Company, today released new Case Management, Search and Analysis features that enable customers to expedite the detection and qualification of high-impact threats, reduce response times and neutralize damaging cyber-attacks. Available immediately in LogRhythm’s award-winning Security Intelligence Platform, the company’s latest innovations address a critical and unmet need for greater efficiency and precision in the cyber threat investigation process to reduce the mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to cyber threats.

“Fostering collaboration among multiple team members to expedite the evaluation, prioritization and response to threats has never been more important given today’s complex threat landscape,” said Michael Ables, senior network systems analyst at Tarleton State University. “LogRhythm’s highly intuitive and customizable UI, new Case Management, and search and analysis features make that collaboration more seamless and effective. We can now conduct investigations to address and mitigate threats and operational issues faster than ever before.”

The growing complexity and sophistication of today’s cyber threats, coupled with an ever-increasing volume of data in which key threat indicators are hidden, necessitate a more coordinated and efficient approach to threat detection and incident response. Information security teams are limited in their ability to prioritize investigations, efficiently gather evidence, centrally track progress, and quickly foster collaboration with and escalate to more qualified staff.

LogRhythm’s new advanced search and analysis capabilities leverage the platform’s highly intuitive and customizable user interface to make the process of crafting targeted searches even faster, which reduces overall time spent on investigations. Its Case Management features provide efficient organization and central access to all pertinent data surrounding a suspected threat, delivering streamlined workflow and collaboration features that support the full investigation and response process.

“Security teams are struggling with alarm fatigue, too often chasing down the wrong alarms, missing the important ones, and doing all of it inefficiently. We built Case Management, and integrated it directly into our Security Intelligence platform, to optimally enable the security analyst and incident response function, delivering the end-to-end Threat Lifecycle Management™ capabilities required to dramatically reduce the time it takes to detect and respond to threats,” said Chris Petersen, co-founder/CTO at LogRhythm. “These latest innovations speak to LogRhythm’s focus on solving the most pressing challenge CISOs face today – quickly detecting and responding to those threats that could bring harm.”

Highlights of the newly released innovations include:

  • Accelerated discovery and qualification of incidents
    • Users create a case or escalate an incident with one click from any screen within the LogRhythm user interface.
    • Security analysts can set case prioritization and assignment, and view tracking of workloads.
  • Improved efficiency of the cyber threat investigation process
    • New search creation and quick search pivoting capabilities allow targeted analysis of pertinent forensic information, revealing critically important context to assess the scope of impact and severity of an incident.
    • Case provides a single repository of all pertinent data and an ability to quickly add key evidence such as alarm data, log data, log visualizations and external data, such as packet capture and files.
    • Case Evidence, available throughout the user interface, provides immediate accessibility to all data associated with a specific case.
  • Faster and more efficient response and remediation
    • Case dashboard provides real-time visibility into case and incident management activity, including a real-time “news feed” of all investigation and response activity.
    • Integration with LogRhythm’s SmartResponse™ feature enables immediate countermeasures and containment actions directly from within a case.

“ESG research indicates that many organizations remain challenged with their processes around detecting and responding to security events. Furthermore, these security tasks are only getting more complex as security teams collect, process and analyze more and more data,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group (ESG). “With its latest software release, LogRhythm provides additional capabilities that can help security professionals improve the efficacy and efficiency of security investigations, thus helping them address problems before they turn into major security breaches.”

About LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering organizations on six continents to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) workflow serves as the foundation for the AI-enabled Security Operations Center (SOC), helping customers measurably secure their cloud, physical and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm platform has won many accolades, including being positioned as a Leader in Gartner’s SIEM Magic Quadrant.