LogRhythm Accelerates Detection and Response to Cyber Threats with New Case Management and Advanced Search Features

Latest Release of Award-Winning Security Intelligence Platform Bolsters Efficiency and Precision of Handling High-Impact Incidents

BOULDER, Colo.—January 21, 2015—LogRhythm, The Security Intelligence Company, today released new Case Management, Search and Analysis features that enable customers to expedite the detection and qualification of high-impact threats, reduce response times and neutralize damaging cyber-attacks. Available immediately in LogRhythm’s award-winning Security Intelligence Platform, the company’s latest innovations address a critical and unmet need for greater efficiency and precision in the cyber threat investigation process to reduce the mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to cyber threats.

“Fostering collaboration among multiple team members to expedite the evaluation, prioritization and response to threats has never been more important given today’s complex threat landscape,” said Michael Ables, senior network systems analyst at Tarleton State University. “LogRhythm’s highly intuitive and customizable UI, new Case Management, and search and analysis features make that collaboration more seamless and effective. We can now conduct investigations to address and mitigate threats and operational issues faster than ever before.”

The growing complexity and sophistication of today’s cyber threats, coupled with an ever-increasing volume of data in which key threat indicators are hidden, necessitate a more coordinated and efficient approach to threat detection and incident response. Information security teams are limited in their ability to prioritize investigations, efficiently gather evidence, centrally track progress, and quickly foster collaboration with and escalate to more qualified staff.

LogRhythm’s new advanced search and analysis capabilities leverage the platform’s highly intuitive and customizable user interface to make the process of crafting targeted searches even faster, which reduces overall time spent on investigations. Its Case Management features provide efficient organization and central access to all pertinent data surrounding a suspected threat, delivering streamlined workflow and collaboration features that support the full investigation and response process.

“Security teams are struggling with alarm fatigue, too often chasing down the wrong alarms, missing the important ones, and doing all of it inefficiently. We built Case Management, and integrated it directly into our Security Intelligence platform, to optimally enable the security analyst and incident response function, delivering the end-to-end Threat Lifecycle Management™ capabilities required to dramatically reduce the time it takes to detect and respond to threats,” said Chris Petersen, co-founder/CTO at LogRhythm. “These latest innovations speak to LogRhythm’s focus on solving the most pressing challenge CISOs face today – quickly detecting and responding to those threats that could bring harm.”

Highlights of the newly released innovations include:

  • Accelerated discovery and qualification of incidents
    • Users create a case or escalate an incident with one click from any screen within the LogRhythm user interface.
    • Security analysts can set case prioritization and assignment, and view tracking of workloads.
  • Improved efficiency of the cyber threat investigation process
    • New search creation and quick search pivoting capabilities allow targeted analysis of pertinent forensic information, revealing critically important context to assess the scope of impact and severity of an incident.
    • Case provides a single repository of all pertinent data and an ability to quickly add key evidence such as alarm data, log data, log visualizations and external data, such as packet capture and files.
    • Case Evidence, available throughout the user interface, provides immediate accessibility to all data associated with a specific case.
  • Faster and more efficient response and remediation
    • Case dashboard provides real-time visibility into case and incident management activity, including a real-time “news feed” of all investigation and response activity.
    • Integration with LogRhythm’s SmartResponse™ feature enables immediate countermeasures and containment actions directly from within a case.

“ESG research indicates that many organizations remain challenged with their processes around detecting and responding to security events. Furthermore, these security tasks are only getting more complex as security teams collect, process and analyze more and more data,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group (ESG). “With its latest software release, LogRhythm provides additional capabilities that can help security professionals improve the efficacy and efficiency of security investigations, thus helping them address problems before they turn into major security breaches.”

About LogRhythm

LogRhythm empowers more than 4,000 customers across the globe to measurably mature their security operations program. LogRhythm’s award-winning NextGen SIEM Platform delivers comprehensive security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralization of threats. Built by security professionals for security professionals, LogRhythm enables security professionals at leading organizations like Cargill, NASA, and XcelEnergy to promote visibility for their cybersecurity program and reduce risk to their organization each and every day. LogRhythm is the only provider to earn the Gartner Peer Insights’ Customer Choice for SIEM designation three years in a row. To learn more, please visit logrhythm.com.