Analytic Co-Pilot


Q4 2022 Analytic Co-Pilot Use Cases

LogRhythm’s Analytic Co-Pilot Services work with customers every single day to develop, implement, and optimize security use cases that matter to their organizations. Since our last quarterly update, we created new content and research against the latest threats discovered in…


Introducing Security Spotlights

Gain the Cybersecurity Insights Needed to Reduce Noise, Prioritize Work and Quickly Secure Your Environment. Your cybersecurity needs are constantly changing as cybersecurity threats continue to evolve and increase in complexity. At LogRhythm, we are always looking to make it…


Detecting and Monitoring Abnormal Login Activity with a Deterministic Rule-Based Approach

Most organisations focus their threat detection and prevention strategies on external actors, but internal threats can cause just as much harm. These threats are not always launched by malicious employees with intentions of inflicting damage; instead, they can be caused…


Using Sysmon for Linux to Monitor Against MITRE ATT&CK Techniques

There was a lot covered at this year’s 2022 RhythmWorld Security Conference! In one of our more technical sessions, we discussed Microsoft Sysinternals’ recent release of Sysmon for Linux, an open-source Linux system monitoring tool. You can find the project…


Q3 2022 Analytic Co-Pilot Use Cases

LogRhythm leads with a customer-satisfaction approach in all that we do; that is one of the many reasons why we provide Analytic Co-Pilot Services. Our team works diligently to help customers improve security maturity through the implementation, use, and optimization…


Q2 Analytic Co-Pilot Security Use Cases

LogRhythm’s Analytic Co-Pilot Services help customers accelerate threat detection and response by guiding users through the implementation and optimization of security analytics content and custom security use cases. While working closely with customers in Q2 2022, the Analytic Co-Pilot team…


Should I Monitor my Endpoints with SIEM?

Cybersecurity analysts often struggle with logging endpoints into their security information and event management (SIEM). This can cause major network blind spots and challenges for security teams conducting threat investigations. If you relate, you’re not alone! In this blog, we’ll…


PowerShell and Command Line Logging

With exploits, attacks, and hackers using PowerShell more and more, it’s critical to know when powershell.exe is running on a system and what commands run from within it. Windows Security logs can tell you that PowerShell.exe has been created, but…


Catching True Positives in Network Security

LogRhythm’s Analytic Co-Pilot team works with customers to get the most value from their cybersecurity investment; we spend time reducing and removing the false positive alarms within their environment through investigating, tuning the rules, and checking the outputs. Sometimes rules…
