LogRhythm Labs


How to Leverage Case Playbooks for Compliance 

Mature security processes should involve leveraging playbooks to guide their responses to potential breaches and ensure compliance with regulations. These playbooks serve as dynamic blueprints, outlining predefined steps, protocols, and best practices tailored to specific scenarios. Harnessing the power of…


Artificial Intelligence – A Danger to Patient Privacy?

Industries worldwide have integrated artificial intelligence (AI) into their systems as it promotes efficiency, increases productivity, and quickens decision-making. ChatGPT certainly raised eyebrows as it demonstrated similar characteristics at the start of its debut back in November 2022. The healthcare sector…


Detecting Microsoft Exchange Zero-Day Exploits

What is a Zero-Day Exploit? What Can be Done About Them? In cybersecurity, a zero-day exploit refers to the method a hacker uses to take advantage of a security vulnerability in a computer system, software, or network. When a zero-day…


First Line of Defense: The State of the Security Team

Join LogRhythm CISO Andrew Hollister and LogRhythm deputy CISO Kevin Kirkwood to learn more about the state of the security team and how to maximize your team’s efforts to increase security and productivity.


Cyber Warfare: The New Frontline

In this webinar, Sally Vincent, LogRhythm senior threat research engineer, dives deep into the state of cyber warfare, exploring risk evaluation and how the White House directives can assist operations. Join Sally as she showcases how LogRhythm can help you turn threat reports into detections for your benefit.


Deep-Dive Analysis of Multi-Factor Authentication Request Generation Attacks

With so many phishing attacks targeting credentials, more organizations are realizing they need multi-factor authentication (MFA) for users with access to critical data. Watch this live webinar to gain more insight into MFA prompt bombing and mitigation strategies!


A Framework First Approach for Cybersecurity

Andrew Hollister, LogRhythm CISO and VP of LogRhythm Labs, discusses the findings of a recent report, produced in association with the Ponemon Institute – covering the current threat landscape, the need for clear communications between the CISO and the CEO/board…


Defending Against Multi-Factor Authentication Fatigue Attacks

Implementing a multi-factor authentication (MFA) solution in your organization adds significant protection against user account compromise, but by no means is MFA hacker-proof. There are many tactics cybercriminals use to defeat MFA security, such as SIM swapping, transparent proxies, and…


Detecting Follina (CVE-2022-30190): Microsoft Office Zero-Day Exploit

Follina (CVE-2022-30190) is a Microsoft Office zero-day vulnerability that has recently been discovered. It’s a high-severity vulnerability that hackers can leverage for remote code execution (RCE) attacks. To help you prevent a damaging breach, LogRhythm Labs provides insight into the…


The Great Exfiltration: Employees Leave and Take the Keys

According to the 2022 Ponemon Institute Cost of Insider Threats: Global Report, insider threat incidents have risen 44% over the past two years, with costs per incident up more than a third to $15.38 million. Among the reasons for this…


The LAPSUS$ Supply Chain Attack: Third-Party Playbooks and Detections

How to leverage third-party incident response procedures to detect threats using SIEM. Detecting fraudulent authentication and authorized activity is difficult at best. Many businesses face challenges when detecting fraudulent use of their systems by a third-party organization that has federated…


How Did We Get Here? The Past, Present, and Future of Supply Chain Risk

Watch Avertium and LogRhythm as they discuss the impact of historical supply chain attacks, what the future of supply chain risk looks like, and what you can be doing now to prevent a potential breach.


The Evolution and Life of a CISO


Impact and Insights on Log4Shell Vulnerability

The recently disclosed “Log4Shell” vulnerabilities in Apache Log4j 2 had a major impact in the cybersecurity world due to the severity of the exploit and the incredibly widespread use of Log4j 2 in modern software. In this webinar the LogRhythm…


2022 Cybersecurity Predictions: Top Five Threats

Speakers also share their recommendations for how security teams can be ready to defend against threats in 2022 and beyond.


Threat Hunting Anomalous DNS and LDAP Activity with Trend Rules

The recent Log4Shell (CVE-2021-44228) vulnerability is the impetus for creating this blog and discussing how you can use LogRhythm AI Engine (AIE) “Trend rules” to effectively detect anomalous behavior. This approach can likely be used in other technologies outside of…


Top Ransomware Detection Techniques

Ransomware is defined as a type of malware that blocks access to data until a sum of money is paid. This niche type of cybercrime is now big business due to the rise of cryptocurrency and the ransomware as a…


Enriching MITRE ATT&CK Techniques for Better Threat Detection
