Blog - page 6

Integrated Endpoint Protection and Response

This powerful integration, combines Carbon Black’s complete endpoint detection and response solution with the advanced analytics and automated response capabilities of LogRhythm.

Read More

Breaking Down the Anatomy of a Phishing Attack

Detecting a spear phishing attack can often be like searching for a needle in haystack. However, your security operation center (SOC) analysts can use LogRhythm’s SmartResponse and AI Engine to rapidly detect and respond to these damaging breaches.

Read More

Mamba Ransomware Analysis

The LogRhythm Labs team provides analysis on Mamba—a strain of ransomware identified in 2016—after its recent resurgence. This goal of this in-depth analysis is to ensure users are prepared to protect their systems and to help prevent future infection of this malware variant.

Read More

How to Make Your SIEM Speak

Your security teams can be responsible for managing a number of logs, so how do you make malicious behavior and alerts stand out? Using LogRhythm’s SmartResponse, you can make your SIEM speak to you and audibly alert to a threat.

Read More

Build a Highly Efficient SOC—Even with Limited Resources

In a perfect world, you’d have a 24x7 SOC. But the reality is that you may have only one or two full-time employees faced with the daunting task of identifying possible signs of intrusion and compromise. But there is a solution: Build a SOC that automates as much work as possible so your staff can focus on what's important.

Read More

Identifying PowerShell Tunneling Through ICMP

Hackers are constantly looking for ways to bypass traditional network defenses, and exploiting the Internet Control Message Protocol (ICMP) as a covert channel for a reverse shell is a commonly used method for attack. However, you can use LogRhythm’s Network Monitor to identify PowerShell tunneling through an ICMP.

Read More