LogRhythm was a proud sponsor at the recent Palo Alto Networks 2016 Ignite Conference in Las Vegas. It was a fantastic three-day event where we not only got to meet many existing customers and technology partners, but were also able to demonstrate our powerful integrations between LogRhythm’s Security Intelligence Platform and Palo Alto Networks’ Firewall. For those who weren’t able to make it to the event, we wanted to share some of these integrations.
First, using LogRhythm SmartResponse™ (automated incident response), we demonstrated our ability to suspend network access by automatically blocking a source or destination IP address, domain, or user on a Palo Alto Networks firewall. Here are some examples of how this integration is being used by LogRhythm customers:
An example of one of our Palo Alto Networks SmartResponse integrations is below. Notice that an AI Engine correlation alarm that identifies communication against a Threat List has two SmartResponse actions. Once approved by an analyst, or run automatically, the SmartResponse adds the destination host in question as a new Address Object and then adds that object to an Address Group. Because the Address Group is part of a Security Policy that denies communications, no further access to this IP address is possible.
LogRhythm Alarm Card with SmartResponses
LogRhythm Adds a New Address Object
Watch a more in-depth video demonstration of this SmartResponse in action:
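The three steps described above (Address Object, Address Group, commit), sketched against the PAN-OS XML API as an added example; this is not LogRhythm's SmartResponse code, and the vsys path, the group name `LR-Blocked-Hosts`, the object naming and the protected-network list are assumptions. It only builds the requests (authentication and sending are left out) and refuses to block protected addresses, a guard that matters when the action runs without analyst approval.

```python
import ipaddress
import re
from urllib.parse import urlencode

# Assumed XML API config root for a single-vsys firewall (not from the page).
VSYS = ("/config/devices/entry[@name='localhost.localdomain']"
        "/vsys/entry[@name='vsys1']")

# Constructed list of networks an automated block must never touch:
# internal ranges plus one partner host from a documentation range.
PROTECTED = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "198.51.100.10/32")]


def block_requests(ip, group="LR-Blocked-Hosts"):
    """Return the ordered API query strings that block `ip` via `group`.

    Raises ValueError if `ip` is not a literal address, is protected,
    or if `group` contains characters that could alter the XPath.
    """
    addr = ipaddress.ip_address(ip)          # ValueError on hostnames/garbage
    if any(addr in net for net in PROTECTED):
        raise ValueError(f"{addr} is protected; refusing to block")
    if not re.fullmatch(r"[A-Za-z0-9._-]{1,63}", group):
        raise ValueError("unsafe address group name")
    obj = "LR-block-" + str(addr).replace(":", "-")
    steps = [
        # 1. Create the Address Object for the offending host.
        {"type": "config", "action": "set",
         "xpath": f"{VSYS}/address/entry[@name='{obj}']",
         "element": f"<ip-netmask>{addr}/{addr.max_prefixlen}</ip-netmask>"},
        # 2. Add it to the Address Group the deny policy already references.
        {"type": "config", "action": "set",
         "xpath": f"{VSYS}/address-group/entry[@name='{group}']/static",
         "element": f"<member>{obj}</member>"},
        # 3. Commit so the running policy picks up the new member.
        {"type": "commit", "cmd": "<commit></commit>"},
    ]
    return [urlencode(s) for s in steps]


if __name__ == "__main__":
    for query in block_requests("203.0.113.7"):   # constructed sample address
        print("/api/?" + query)
```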
Secondly, we showed off the Dashboard capabilities available to analysts in the LogRhythm Security Intelligence Platform. The LogRhythm WebUI provides the ability to create enterprise-wide views or application-specific views—as in the case with Palo Alto Networks.
Activity around application usage, configuration changes, host or URL access, or security actions such as WildFire alerts can all be plotted out in one easy-to-use view.
Several Palo Alto Networks Firewalls Being Displayed in our Palo Alto Networks Dashboard Layout
We’d like to thank our great partner, Palo Alto Networks, for putting on a fantastic show, as well as all of our customers who came by to say hello!