LogRhythm Blog

Check out the latest security tips and tricks, news, and insights and join in the conversation.

The SIEM Awakens—Identifying Account Lockouts from BYOD

Windows account lockout policies are an effective and recommended best practise for securing against brute force attacks. When these activities occurs within the perimeter of an Enterprise’s network, LogRhythm’s SIEM makes it a simple task to quickly work out the…

Read More

Domain Privilege Escalation Vulnerability

On Tuesday, Microsoft released an emergency update to Windows Server 2003 through 2012 R2 to address a vulnerability that enables an attacker to escalate privileges for any account on a Windows Domain. The vulnerability can be detected in Windows Server…

Read More

What You See is Not What You Copy

Tricking users into copying different commands from what is displayed on a web page… OK, maybe I’m late to this party but I recently came across a very cool attack vector that I had not heard about until now. There’s…

Read More

Do You Trust Your Computer?

These past couple weeks have been a blur. I had the opportunity to attend and speak at both AppSecUSA and DerbyCon and can not say enough good things about these conferences. There were so many excellent talks and activities that…

Read More

Name Changes for AI Engine Rules

With the current Knowledge Base release, LogRhythm Labs will introducing the first round of changes to AI Engine™ Rule organization. This initial stage involves implementing a more intuitive naming scheme for AI Engine&trade Rules. (Note: compliance based Engine&trade Rules will…

Read More

Adding Items to a LogRhythm List via SmartResponse Plugins

SmartResponse™ Plugins allow LogRhythm alarm and AI Engine rules to launch nearly any scriptable action. The most widely-used SmartResponse Plugin is Add Item to List. This plugin makes additions to LogRhythm lists. For example, adding a benign IP or URL…

Read More