LogRhythm NDR Enables Analysts to Investigate Threats More Quickly with a New User Interface

LogRhythm NDR's Geography Dashboard showcasing threat anomalies and threat severity on maps in the new User Interface.

It’s easy to get lost in the noise when trying to monitor, surface, and detect threats across network traffic. LogRhythm NDR identifies traffic anomalies that signal malicious activity such as command and control, lateral movement, data exfiltration, and malware activities. LogRhythm NDR can detect sophisticated evasion methods or “known unknown” cyberthreats to brand new zero-day threats or “unknown unknowns.”

With our April LogRhythm NDR release, we wanted to ensure that those traffic anomalies that signal malicious activity surface quickly and that information is easily digested. That is why we focused on completing the overhaul of the new User Interface to make NDR more streamlined; increasing the productivity of the SOC/network team.

In addition, we have created computer-based training for LogRhythm NDR, helping our customers gain a quicker time to value and easily adopt the entire platform.

A New UI for Better Threat Detection  

We’ve been slowly introducing our new UI to our customers since the October 2022 quarterly release. In the April quarterly release, we moved all features and functionality to our new UI. By introducing a more dynamic framework that prioritizes surfacing the most significant information to the analyst, threat detection capabilities are more efficient and effective. In addition, the new UI also has the ability to filter and search much more quickly, enabling analysts to find information as quickly as possible. And this is just the beginning, the new UI sets the foundation for even more optimized workflows in the future. 

Figure 1: Watch for a quick overview of our new UI. 

If you are a current customer, you can get acquainted with the new UI in the LogRhythm NDR product by clicking on the blue “TRY NEW UI” button in the top right corner of the NDR interface. Get acquainted now as the new UI will become the default setting during our July Quarterly Release. 

Gain a Faster Time to Value with New NDR Product Training   

We’re always on the hunt to find new ways to help our customers gain full value on our platform. That’s why we have started the journey of developing new avenues for training to help our customers receive as much value as possible out of the NDR platform.  

  • Computer-based training: Our first course is designed as a first step for anyone new to Network Detection and Response (NDR). It defines what an NDR solution is, and why it is helpful. We’ll provide an overview of LogRhythm NDR’s unique architecture — how packets are processed by Probe Nodes, our mesh architecture, and how Security Engines become Events, Indicators of Attacks, Cases, and Incidents. To access the Intro to LogRhythm: What is NDR? training course, please log into your LogRhythm University account.

Information and documentation on these new enhancements can be found in our Release Notes, further enabling our customers to easily implement new enhancements to LogRhythm NDR.

We continue to innovate based on customer feedback so that organizations can better detect threats across their network. For information about LogRhythm NDR, read the data sheet or April LogRhythm NDR release.