Security Tips and Tricks

Monitoring Remote Worker on VPN

A Security Analyst’s Guide to Monitoring Remote VPN Activity in the LogRhythm SIEM

Remote work is no longer a trend; it is becoming the norm for many companies. Whether your organization has been practicing remote work for a while or is just beginning to adopt work-from-home policies, VPN monitoring — the ability…


Use Case: Detect and Respond to Malware Traffic with NDR

As malicious actors continue to use a variety of techniques to evade detection, it’s paramount to protect your organization’s network activity. You need a solution that can detect and prevent malicious network activity. One solution is network detection and response…


Prevent Data Exfiltration with Network Traffic Analytics

When it comes to company data, you need to protect it at all costs. But it is hard to defend what you can’t see. This blog post will explore techniques threat actors commonly use to illegally copy an organization’s data,…


What is Network Detection and Response?

Networks are becoming more complex and widely distributed, so full visibility is more critical than ever before to being able to detect and stop threats before they become a breach. We have all read headlines about companies that suffered from…


Deepen Your Remote Desktop Protocol Visibility with Log Sources

Remote desktop is a common feature in operating systems. It allows a user to connect to a computer in another location and interact with the desktop remotely. Microsoft implemented this capability via its Remote Desktop Protocol (RDP) for Windows desktop…


Lateral Movement and How to Detect It

You may have heard of the concept of lateral movement within the context of security operations and possess a general idea of how threat actors leverage this tactic to gain access to your data. But what exactly is lateral movement?…


Monitor Zoom Security and Privacy Risks Using the LogRhythm NextGen SIEM

The mass migration to remote working in recent times has caused an increased focus on the security of remote collaboration tools. LogRhythm has found a variety of these tools in our customer base and has built collection methods and analytics…


Measure the Maturity of Your SOC in the LogRhythm NextGen SIEM Platform

If you are a security operations center (SOC) manager, reducing risk is your No. 1 priority. Even if you are not tracking any metrics today, you know how important metrics are for proving out the value, efficiency, and needs of…


Detecting Young Domains with Palo Alto Networks and LogRhythm

As the world continues dealing with a pandemic involving the coronavirus disease (COVID-19), malicious campaigns are well underway. For example, an opportunistic attacker will leverage a user’s sense of urgency and curiosity to prompt them to open a malicious email,…


Automate Amazon S3 Provisioning for Healthcare Compliance with SOAR

Cloud storage instances like Amazon Simple Storage Service, Amazon S3, have made it easier than ever before for healthcare professionals to access and share valuable patient data. While these advancements have improved customer care across providers, configuring access policies, provisioning…
