Blog

LogRhythm Threat Intelligence Services (TIS): STIX via TAXII

Here at LogRhythm, we are excited to announce an updated release of our Threat Intelligence Services (TIS). If you're not familiar with TIS, it is an easy-to-use utility that enables LogRhythm customers to rapidly add and configure a wide array of commercial or open-source threat feeds. Now, in the new release of TIS (1.5), there is support for Structured Threat Information eXpression (STIX) threat data via Trusted Automated Exchange of Indicator Information (TAXII). But before I cover the details of what STIX and TAXII are, let's cover the why.

Palo Alto Networks Ignite 2016

LogRhythm was a proud sponsor at the recent Palo Alto Networks 2016 Ignite Conference in Las Vegas. It was a fantastic three-day event where we not only got to meet many existing customers and technology partners, but were also able to demonstrate our powerful integrations between LogRhythm's Security Intelligence Platform and Palo Alto Networks' Firewall. For those who weren't able to make it to the event, we wanted to share some of these integrations.

The State of Ransomware: How to Prepare for an Attack

Ransomware is currently one of the most widespread and most highly publicized threats on the Internet. Over the last few years, we’ve seen a marked increase in the use of ransomware tools like CryptoLocker, CryptoWall, TeslaCrypt and, more recently, Locky. Security experts predict 2016 will follow this trend as more cybercriminals begin adding ransomware-as-a-service options to their list of nefarious wares.

Learn How to Automatically Mitigate Threats

The reality today is that 76% of organizations were compromised by a successful cyber-attack in 2015. With perimeters becoming ill-defined and fluid due to the rise in the adoption of BYOD (bring your own device), cloud services and the mobile workplace, we can no longer rely on building big walls to keep people out. In my use case featurette you’ll see a host becoming compromised using a previously undetected attack, and how LogRhythm detects and automatically mitigates this threat in real time.

Detecting and Ending Long-Running Processes

We recently had a challenge arise with administrators connecting to a variety of servers daily and launching a variety of tools. Often, the default action for administrators is to disconnect their session rather than log off. This results in applications left running that consume valuable server resources such as memory and CPU. While there are configuration settings you can put in place to address these challenges, often in a large enterprise, they are not as straightforward as they may seem. So, how can you use LogRhythm to detect these long-running processes?

Case Enhancements in LogRhythm 7.1.5

LogRhythm 7 has made great strides in empowering organizations to detect, respond to and neutralize damaging cyber threats. The 7.1.5 release came packed with even more enhancements and features to help you stay one step ahead of today’s most advanced cyber threats.
