As cybercrime continues to grow, your network’s security remains a top priority. To protect your network from potential threats, better access control over your network is paramount. Without it, you could be leaving your organization vulnerable to threats.
To help, LogRhythm released a new SmartResponseTM plugin (SRP) for Zscaler that speeds up the detection of unwanted and blacklisted URLs in your network and gives analysts the ability to quickly take action.
Blacklist URLs for Improved Network Access Control
The SRP for Zscaler Internet Access enables analysts to automatically blacklist unwanted or suspicious URLs in Zscaler when a banned keyword or URL is detected. This prevents employees from visiting sites that aren’t work specific and blocks access to potentially harmful sites.
The plugin simplifies running actions between the LogRhythm NextGen SIEM Platform and Zscaler, centralizing day-to-day security tasks to a single console. The SRP is the newest integration as part of the LogRhythm-Zscaler technology partnership.
How Does LogRhythm and Zscaler Help with Access Control?
How does it work? The NextGen SIEM Platform centrally collects and ingests Zscaler logs using the Zscaler API. The logs are then parsed and normalized to the LogRhythm schema. If a banned keyword or URL is detected, the SRP can automatically blacklist the URL in Zscaler.
In addition to blacklisting URLs, the Zscaler SRP enables analysts to add custom URL categories and provide additional information and speed to investigations. For example, if an alarm detects a custom set of rules, analysts can pull the Zscaler log policy information to add to a LogRhythm alarm for further investigation.
Analysts can also add or obtain information from Zscaler categories (i.e., business use, legal liability, productivity loss, and privacy risk) when investigating suspicious activity via the web console.
Better Website Access Control with LogRhythm and Zscaler
By combining LogRhythm and Zscaler, you’ll have greater access control over your network and the websites employees visit. The joint solution offers the ability to accelerate detection of unwanted or blacklisted URLs and helps you quickly respond to, investigate, and block suspicious website access, minimizing your organization’s risk.