
Started Near the Bottom. Now We’re Here!

LogRhythm made its first appearance in the Gartner Magic Quadrant for SIEM as a Visionary back in 2008. At the time, ArcSight was the Goliath in the market in terms of market share, customer penetration, and momentum. David (aka LogRhythm) looked at that Goliath with quiet confidence and a long-term perspective, then thought: “We got this.” After eight years of continuous innovation, a commitment to customer success, loads of tenacity, well-timed agility, some great teamwork, and a dose of humility, we have moved past that “Goliath” (ArcSight) and now sit at the top echelon of the 2016 Gartner SIEM Magic Quadrant.


Who is Listening in on Your Network?

With the sheer volume of network traffic and the variety of applications that travel across a typical network these days, it is not surprising how easy it is to gather high-value artifacts using packet capturing software. The goal of an attacker who is using packet capturing software is to grab usernames, email addresses, passwords and other sensitive information traversing a network in plain/clear text for further exploitation.


Catching Beaconing Malware

When a computer becomes infected with malware, it will usually begin to beacon out to a command and control server. This is one of the ways that commodity malware checks in with its command and control infrastructure to await further instructions. But it can be difficult to detect this activity. The beaconing can take place at any time or frequency—from once every couple of seconds to once a week (or possibly even longer if you are dealing with an advanced adversary).


How Far Cyber Criminals Will Go to Get Your PII

Everyone who works in security deals with phishing emails to some extent—some more than others. In fact, most of us in the security industry see so many phishing attacks on a daily basis that they are not all that interesting anymore. However, every once in a while, a scammer will actually take the time to prepare and deploy more believable campaigns and target personally identifiable information (PII) in a more persistent way.


Do You Know Your Network?

Knowing what or who is on your network at work and at home is all too important. See how I detected unauthorised application communication via Network Monitor Freemium.


Five Steps to Defend Against Ransomware

Understanding what happens at each phase of a ransomware attack, and knowing the IOCs to look for, increases the likelihood of being able to successfully defend against—or at least mitigate the effects of—an attack.


How to Detect and Respond to Ransomware: A Video Use Case

Imagine you're going about your day, and then you see it—an alarm in the LogRhythm Security Intelligence Platform that ransomware has been detected by the AI Engine. But how? And what has been detected? Watch the video demo to learn how you can automate incident response for ransomware threats.


The Analyst Perspective on SIEM and Security Analytics

Gartner is wrapping up their annual Security & Risk Management Summit just outside of Washington, D.C. today. It's been a week of resonance, validation and insight. As for Gartner's perspective, LogRhythm was recently ranked the no. 1 vendor in all three Critical Capabilities for Security Information and Event Management (SIEM) Report (Threat Management, Compliance and SIEM).


Friend or Foe? A Use Case on How to Detect an Insider Threat

As a cybersecurity pro, you already know that a user is both an organization’s greatest asset and its greatest vulnerability. Users have access to sensitive information and systems with the ability to inflict immense damage to an organization. Learn more about how LogRhythm can empower users to detect insider threats.


Enhanced Windows Security Event Log Collection

Thanks to the tireless work of the LogRhythm engineering team to update our Agent, as well as the efforts from LogRhythm Labs to develop a new collection interface, you can now collect Windows Security Event Logs at unsurpassed processing speeds with up to 32 percent less storage. Not too shabby!
