A Roundup of LogRhythm’s Most Visited Technical Blog Posts
Posted by: Mandy Schnirel
The LogRhythm blog is an abundance of content and insight from our LogRhythm Labs team, security tips and tricks, threat research, infosec news, use cases from our customers, and more to help you stay at the top of your game…
June 19, 2020
Anatomy of a Hacker Group: APT29 (AKA Cozy Bear)
Watch the on-demand webinar now to learn from members of LogRhythm Labs’ threat research team and Randy Franklin Smith of Ultimate Windows Security, who will do a deep-dive into the APT29 threat group, their activities, and how you can automate the detection and mitigation of threats either associated with the group or that use similar techniques.
June 9, 2020
LogRhythm Joins NCCoE’s Technology Collaborators to Help Secure Telehealth Remote Patient Monitoring Ecosystem
Posted by: James Carder
It is with great excitement that I share LogRhythm’s involvement in the newest healthcare project from the National Cybersecurity Center of Excellence (NCCoE) — Securing Telehealth Remote Patient Monitoring Ecosystem. The project aims to provide a reference architecture that will…
May 21, 2020
A Security Analyst’s Guide to Monitoring Remote VPN Activity in the LogRhythm SIEM
Posted by: Brian Coulson
Remote work is no longer a trend, and is becoming the norm for many companies. Whether your organization has been practicing remote work for a while, or it is just beginning to adopt work-from-home policies, VPN monitoring — the ability…
May 21, 2020
Deepen Your Remote Desktop Protocol Visibility with Log Sources
Posted by: Andrew Hollister
Remote desktop is a common feature in operating systems. It allows a user to connect to a computer in another location and interact with the desktop remotely. Microsoft implemented this capability via its Remote Desktop Protocol (RDP) for Windows desktop…
April 24, 2020
What DoD Contractors Need to Know About the New Cybersecurity Maturity Model Certification
Posted by: Kyle Dimitt
The Cybersecurity Maturity Model Certification (CMMC) is a new requirement from the U.S. Department of Defense (DoD). It mandates that DoD contractors obtain third-party certification to ensure appropriate levels of cybersecurity practices are in place to meet “basic cyber hygiene,”…
April 22, 2020
Monitor Zoom Security and Privacy Risks Using the LogRhythm NextGen SIEM
Posted by: Andrew Hollister
The mass migration to remote working in recent times has caused an increased focus on the security of remote collaboration tools. LogRhythm has found a variety of these tools in our customer base and has built collection methods and analytics…
April 21, 2020
Detecting Young Domains with Palo Alto Networks and LogRhythm
Posted by: Brian Coulson
As the world continues dealing with a pandemic involving the coronavirus disease (COVID-19), malicious campaigns are well underway. For example, an opportunistic attacker will leverage a user’s sense of urgency and curiosity to prompt them to open a malicious email,…
April 9, 2020
5 PCI-DSS Compliance Questions Every Security Analyst Should Ask
Posted by: Kyle Dimitt
If you are involved in taking payment for a good or service of any kind, you are likely required to comply with the Payment Card Industry Data Security Standards (PCI-DSS). This comprehensive security framework and compilation of best practices applies…
April 9, 2020
Using Open-Source Intelligence to Detect Attacks Using Newly Created Domain Names
Posted by: LogRhythm Labs
When high-profile threats surface, they are often accompanied by a flurry of information sharing from security researchers and practitioners. The information they share can be delivered in a variety of formats. For example, following the recent malware activity surrounding the…
April 1, 2020