Success Services

Q4 2023 cybersecurity use cases from LogRhythm Success Services

Q4 2023 Security Use Cases: Insights From Success Services

As part of Success Services, this past quarter LogRhythm consultants have been hard at work helping customers improve their defenses against cyberthreats. This quarter, the team observed a shift in attack vectors back into Credential evasion via NTLM, DC manipulation, and…

Read More
Writing on notepad

Q3 2023 Analytic Co-Pilot Use Cases

As part of the Subscription Services team, the consultants delivering the Analytic Co-Pilot Service, have come together to share Q3 2023 security use cases we have worked on in our own internal environments, as well as with LogRhythm customers. We…

Read More
Two men sitting at a table having a discussion

Q2 2023 Analytic Co-Pilot Use Cases

As part of the Subscription Services team, our Analytic Co-Pilot Service consultants worked on a variety of security use cases in Q2 2023 within our own internal environments, as well as our customers. These collaborative efforts continue to grow the…

Read More
Two woman speaking at work.

Q1 2023 Analytic Co-Pilot Use Cases

LogRhythm’s Analytic Co-Pilot Services helps customers around the globe streamline use case development, tuning, and investigations. To keep up with the latest threats and trends within the industry, we work with our customers to build comprehensive coverage and leverage security…

Read More
Code on a screen

Q4 2022 Analytic Co-Pilot Use Cases

LogRhythm’s Analytic Co-Pilot Services work with customers every single day to develop, implement, and optimize security use cases that matter to their organizations. Since our last quarterly update, we created new content and research against the latest threats discovered in…

Read More
Introducing Security Spotlights

Introducing Security Spotlights

Gain the Cybersecurity Insights Needed to Reduce Noise, Prioritize Work and Quickly Secure Your Environment. Your cybersecurity needs are constantly changing as cybersecurity threats continue to evolve and increase in complexity. At LogRhythm, we are always looking to make it…

Read More

Detecting and Monitoring Abnormal Login Activity with a Deterministic Rule-Based Approach

Most organisations focus their threat detection and prevention strategies on external actors, but internal threats can cause just as much harm. These threats are not always launched by malicious employees with intentions of inflicting damage, instead they can be caused…

Read More
Woman working on computer using Microsoft Sysmon for Linux

Using Sysmon for Linux to Monitor Against MITRE ATT&CK Techniques

There was a lot covered at this year’s 2022 RhythmWorld Security Conference! In one of our more technical sessions, we discussed Microsoft Sysinternals’ recent release of Sysmon for Linux, an open-source Linux system monitoring tool. You can find the project…

Read More
Working on code

Q3 2022 Analytic Co-Pilot Use Cases

LogRhythm leads with a customer-satisfaction approach in all that we do; that is one of the many reasons why we provide Analytic Co-Pilot Services. Our team works diligently to help customers improve security maturity through the implementation, use, and optimization…

Read More
A female pointing her marker at the board

Q2 Analytic Co-Pilot Security Use Cases

LogRhythm’s Analytic Co-Pilot Services help customers accelerate threat detection and response by guiding users through the implementation and optimization of security analytics content and custom security use cases. While working closely with customers in Q2 2022, the Analytic Co-Pilot team…

Read More
Using an iPhone

Should I Monitor my Endpoints with SIEM?

Cybersecurity analysts often struggle with logging endpoints into their security information and event management (SIEM). This can cause major network blind spots and challenges for security teams conducting threat investigations. If you relate, you’re not alone! In this blog, we’ll…

Read More

PowerShell and Command Line Logging

With exploits, attacks, and hackers using PowerShell more and more, it’s critical to know when powershell.exe is running on a system and what commands run from within it. Windows Security logs can tell you that PowerShell.exe has been created, but…

Read More
Cybersecurity analyst using the LogRhythm SIEM

Catching True Positives in Network Security

LogRhythm’s Analytic Co-Pilot team works with customers to get the most value from their cybersecurity investment; we spend time reducing and removing the false positive alarms within their environment through investigating, tuning the rules, and checking the outputs. Sometimes rules…

Read More