Blog

Identifying PowerShell Tunneling through ICMP

Hackers are constantly looking for ways to bypass traditional network defenses, and exploiting the Internet Control Message Protocol (ICMP) as a covert channel for a reverse shell is a commonly used method for attack. However, you can use LogRhythm’s Network Monitor](/products/network-monitoring/) to identify PowerShell tunneling through an ICMP.

Automate Project Management with SmartResponse

The SIEM is a great central aggregate for case data and analytics, but also has the ability to give your team back valuable time if you take advantage of automation. LogRhythm’s SmartRepsonse tegrates with project-management tools to create automated responses and ease your team’s workload.