Insider Threat Use Case: Detecting and Stopping Cryptojacking

We detected and stopped an insider threat before this individual turned LogRhythm into a part-time cryptocurrency mining operation. This highlighted the need for focused user entity and behavioral analytics (UEBA) across the organization, as business threats can come in many shapes and sizes.

Dynamic Data Exchange (DDE): Detection and Response, Part 1

Malicious actors have begun using Microsoft’s Dynamic Data Exchange (DDE) mechanism to deliver payloads via Microsoft Office documents instead of the traditional embedded macros or VBA code. Using LogRhythm’s integration with Carbon Black, security operations center (SOC) analysts can efficiently detect, mitigate, and remediate a Microsoft DDE-based attack.

Optimize Platform Performance with Case Management

LogRhythm’s built-in Case Management provides end-to-end Threat Lifecycle Management (TLM), but to maximize efficiency and provide key performance indicators (KPIs), a case tagging schema needs to be chosen and implemented.
