Tips & Tricks

How to Make Your SIEM Speak

Your security teams can be responsible for managing a large number of logs, so how do you make malicious behavior and alerts stand out? Using LogRhythm’s SmartResponse, you can make your SIEM speak to you and audibly alert you to a threat.


Identifying PowerShell Tunneling Through ICMP

Hackers are constantly looking for ways to bypass traditional network defenses, and exploiting the Internet Control Message Protocol (ICMP) as a covert channel for a reverse shell is a commonly used attack method. However, you can use LogRhythm’s NetMon to identify PowerShell tunneling through ICMP.


Analyzing ICMP Traffic with NetMon

No matter how old an internet protocol is, you must still consider it in your security operations program. Learn how to analyze ICMP traffic with NetMon.


Automate Project Management with SmartResponse

The SIEM is a great central aggregator for case data and analytics, but it can also give your team back valuable time if you take advantage of automation. LogRhythm’s SmartResponse integrates with project-management tools to create automated responses and ease your team’s workload.


NotPetya Technical Analysis

Although initially labeled as ransomware due to the ransom message that is displayed after infection, it appears now that NotPetya functions more as a destructive wiper-like tool than actual ransomware. This post reviews an in-depth technical analysis of NotPetya, including recommended security measures.


Deploying NetMon Freemium at Home to Monitor IoT Devices

It is now extremely pertinent to be vigilant about the embedded systems used throughout your home. With NetMon Freemium, you can download and run this software on a micro-PC. This means you can fully monitor your home network IoT devices quickly and easily, for little to no cost.
