Labs

Dynamic Data Exchange (DDE): Detection and Response, Part 1

Malicious actors have begun using Microsoft’s Dynamic Data Exchange (DDE) mechanism to deliver payloads via Microsoft Office documents instead of the traditional embedded macros or VBA code. Using LogRhythm’s integration with Carbon Black, security operations center (SOC) analysts can efficiently detect, mitigate, and remediate a Microsoft DDE-based attack.

Read More

Optimize Platform Performance with Case Management

LogRhythm’s built-in Case Management provides end-to-end Threat Lifecycle Management (TLM), but in order to maximize efficiency and provide key performance indicators (KPIs), a case tagging schema needs to be chosen and implemented.

Read More