LogRhythm Champions Profile: Kevin Merolla
The LogRhythm Champions Network is an exclusive community of LogRhythm’s most passionate and strategic customers. This elite group of customers are leaders in the InfoSec community and are experts in all things LogRhythm. The LogRhythm Champions Network works to recognize these…
April 9, 2021
Introducing LogRhythm 7.7: Improving the Analyst Experience with Detail Page and Timeline View
Posted by: Matt Willems
Security analysts are constantly challenged to investigate security incidents and mitigate them quickly. But does your security operations center (SOC) have the full picture of what’s occurring in the environment to remediate the impact of a false negative? LogRhythm is…
April 5, 2021
The Latest LogRhythm Employee Initiatives
The first quarter of 2021 went by so quickly! The whirlwind of 2020 brought its challenges, yet as we dive into 2021 — more resilient and mutually committed to our common goals — I am confident that LogRhythm can tackle…
April 1, 2021
Centralizing Process Creation Events with a SIEM
Posted by: Dan Crossley
How Process Creation Events Can Be Centralized for Ease of Analysis
Process creation events are written to the Windows Event Log on the local endpoint where they are generated. This raises an obvious issue for defenders looking to proactively review these…
March 15, 2021
Network Threat Hunting Made Easy With the MistNet NDR MITRE ATT&CK™ Engine
Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK provides…
February 26, 2021
How to Audit and Test for Sudo’s CVE-2021-3156 with LogRhythm
Posted by: Brian Coulson
TL/DR: Qualys has reported that Sudo, before 1.9.4p2, has a heap-based buffer overflow vulnerability that allows privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character. Detecting a successful exploit of the…
February 23, 2021