Build a Highly Efficient SOC—Even with Limited Resources
Security Teams are Overwhelmed. If your team is struggling to keep up and getting bogged down by manual processes, it may feel like you will never be one step ahead of cyberthreats that may threaten your business. In a perfect…
August 1, 2017
Identifying PowerShell Tunneling Through ICMP
Hackers are constantly looking for ways to bypass traditional network defenses, and exploiting the Internet Control Message Protocol (ICMP) as a covert channel for a reverse shell is a commonly used attack method. However, you can use LogRhythm’s NetMon…
July 26, 2017
Analyzing ICMP Traffic with NetMon
The Internet Control Message Protocol (ICMP) is one of the foundational internet protocols that define how systems talk to each other. Commands such as ping and traceroute are supported by ICMP. Based on request for comments (RFC) 792, ICMP has…
July 26, 2017
Northampton County Improves Visibility and Automation with LogRhythm
LogRhythm Enhances Efficiency by Streamlining Security Operations. Bob Mace, senior information security analyst, leads a small IT team to manage and secure Northampton County’s IT infrastructure. As the team faced mounting challenges and time-consuming manual processes, Mace turned to LogRhythm.…
July 20, 2017
Automate Project Management with SmartResponse
The SIEM is a great central aggregate for case data and analytics, but also has the ability to give your team back valuable time if you take advantage of automation. The more automation you can build into a SIEM, the…
July 20, 2017
Using the Internet of Things and SmartResponse to Receive SIEM Alarms
Wouldn’t it be great if you could be notified of SIEM alarms through the Internet of Things (IoT)? Well, now you can! Introducing the Philips Hue SmartResponse™ and PowerShell script. Imagine that your analysts are busy working on other things,…
July 6, 2017