LogRhythm Security Spotlight
Cybersecurity insights to reduce noise, prioritize work, and quickly secure your environment
Learn About Trending Cyberthreats and How to Detect Them
LogRhythm’s Security Spotlight video series shares key insights into trending cyberthreats to help you defend against evolving attacks. Tune in every week as our experts provide you with tips for how to improve your security maturity and use cases that are based on our customers’ needs when working with Analytic Co-Pilot team.
Watch Our Five Most Recent Security Spotlights
Monitor for Unauthenticated Cross Account Attacks
Dive into the world of AWS security! In this Security Spotlight, discover a simple way to monitor for unauthenticated cross account attacks using SIEM.
Customers can learn more and download detection rules from LogRhythm Community here.
Account Discovery Windows (T1087.001)
Check out a quick overview on the way adversaries may use native Windows commands to assist in account discovery.
Customers can learn more and download detection rules from LogRhythm Community here.
Detecting SCR File Execution Using Rundll32 (T1218.011)
In this Security Spotlight video, discover how LogRhythm can help you detect activity related to the execution of malicious files with the .scr extension.
Customers can learn more from LogRhythm Community here.
Monitoring Virtual Network Computing (T1021.005)
In this Security Spotlight video, here is a quick overview on Virtual Network Computing (VNC) and how you can monitor for its misuse.
Customers can learn more from LogRhythm Community here.
Detecting Credential Dumping within LSASS
LSASS is a fundamental component of all Windows Operating systems. Over time, we have seen many malwares use credential dumping as part of a larger attack chain. Monitoring the lsass.exe execution, as well as rundll32 execution in conjunction with comsvcs.dll, will increase visibility and capability to react immediately.
Customers can learn more from LogRhythm Community here.
View All Security Spotlights in the Playlist Below
Experience LogRhythm SIEM in action
See how you can mature your security operations by improving your time to detect and respond to threats. Schedule a demo with one of our team today.
