Detects Ransomware, Spear Phishing, APTs and Other Tier-1 Threats Faster
BOULDER, Colorado—May 17, 2016—LogRhythm, The Security Intelligence Company, today announced immediate availability of NetMon 3. This latest version of the industry’s leading network monitoring, analytics and forensics solution empowers organizations to detect, investigate and neutralize today’s most advanced and concerning threats such as ransomware, spear phishing and APTs faster and with greater precision than ever before.
Leading the list of new innovations introduced in NetMon 3 is Deep Packet Analytics (DPA). DPA performs real-time, automated, machine analytics on all network traffic, applying behavioral and statistical analysis to rich data sets produced by NetMon’s Full Packet Capture and Layer 7 SmartFlow™ features. The result is unprecedented speed and precision in detecting advanced threats traversing enterprise networks. This lowers the risk of high-impact breaches and improves efficiency and effectiveness of information security staff.
“When an attack hits, the tools we use need to have broad capabilities, be highly intuitive with a practical interface, and enable us to be efficient and precise in our response,” said Jack Callaghan, senior security engineer, CISSP CISM CIPP, Pulte Mortgage. “That’s exactly why we selected LogRhythm’s NetMon solution and Security Intelligence Platform over the competition and have made it core to our information security arsenal.”
“Most organizations are blind to a growing number of advanced threats crossing their network today,” said Chris Petersen, CTO/Co-Founder at LogRhythm. “Deeper visibility into suspicious network activity, coupled with powerful analytics and more efficient incident response is what’s needed to detect and mitigate these threats before they can have a material impact. That’s exactly what NetMon 3 is providing to our customers.”
Beyond accelerating the detection of advanced threats, NetMon’s DPA also automates incident response investigations by enabling responders to create custom analytics rules that can inspect full packet streams in real time. Additionally, DPA enhances NetMon’s SmartCapture™ policies to trigger packet capture on traffic that is aligned with concerning network activities including known indicators of compromise (IOC). Other network monitoring and analytic platforms require the capture and storage of all packets regardless of their association with suspicious activity.
Additional innovations introduced in NetMon 3 include:
- Enhanced data visualizations – Built on Elasticsearch’s Kibana Big Data plug-in, NetMon 3 delivers new, highly intuitive and practical presentations of massive data sets, accelerating threat detection and incident response
- Extended Application Identification to over 2,700 – Growing the # of applications NetMon can identify in real-time by over 1,000 since the release of NetMon 2
- Increased speed and efficiency of packet capture viewing – Leveraging the REST API, NetMon 3 provides programmatic access to packet data for the LogRhythm Security Intelligence Platform or any 3rd party application
- Extended capabilities for extracting files, images and other content from full packet captures – Facilitating more rapid incident analysis and response
“Detecting threats that are latent in your network requires intelligence that is derived from real-time analysis of network traffic”, says Eric Ogren, senior analyst at 451 Research. “We find identifying applications, correlating historical user and machine activity and analyzing network packets for anomalies, to be fundamental to behavioral analytics, which is rapidly becoming a critical element of enterprise security strategies. LogRhythm’s Deep Packet Analytics and Security Intelligence Platform form a combination that can help security teams detect threats before significant damage occurs.”
LogRhythm NetMon 3 is available for purchase today as a standalone solution or as a fully integrated component of the LogRhythm’s Security Intelligence Platform. View LogRhythm’s NetMon 3 features & capabilities.
LogRhythm is a world leader in NextGen SIEM, empowering organizations on six continents to successfully reduce risk by rapidly detecting, responding to, and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) framework serves as the foundation for the AI-enabled security operations center (SOC), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won many accolades. For more information, visit logrhythm.com.