What’s New at LogRhythm

What's New @ LogRhythm

See how we're delivering on promises to better serve our customers

At LogRhythm, we strive to make and keep bold promises to our customers. Explore our latest product releases that help organizations reduce risk, prioritize work that matters, and quickly secure environments.

Also, don’t miss our January release webinar featuring product leadership as they break down this quarter’s innovations!

January 2023 updates

This quarter’s enhancements span LogRhythm’s product portfolio to enable SOC teams to detect and resolve threats easily and improve analysts’ effectiveness.

  • New Web UI running on Open Collector (OC Admin)
  • MPE Rule sharing
  • New and enhanced log sources
  • New log source initial analysis – GCP update, Windows WMI, Sysmon on Latest Ubuntu- Ubuntu22
  • New and updated SmartResponses™: urlscan.Io, Microsoft 365 Defender for Endpoint V1, TrendMicro Vision One V1.0, ServiceNow, Microsoft OneDrive/SharePoint, MS Office 365
  • Enhanced auditing support
  • LogRhythm Cloud: Archive retrieval in the cloud
  • Analyst experience: parse hosts as metadata in output log
  • Detection: New models using windows logs that track, windows security event ID, windows logon type
  • Microsoft EDR integration
  • VirusTotal Data Collection
  • Continued roll out of new and refreshed user interface
  • Increased customizations available in dashboard
  • Security analytics
  • Automated threat detections identified by
    our analytics engine
  • MITRE ATT&CK™ threat detection
  • End-to-end authoring of streaming analytics rules
  • Observation Workflow
  • Analyst workflow that is faster and more flexible
  • Additional visualizations and data analysis tools
  • Histogram and markdown visualizations
  • Ability to fine-tune Axon Agent performance
  • Single-Sign-On support
“Axon has already given our team the tools to effectively analyze our environment and improve our security posture.” – Eric L., Network Engineer, global manufacturing company 

Security Analytics Made Easy

We know organizations everywhere struggle mightily to defend against digital weaponization. That’s why LogRhythm is constantly innovating to address the challenges facing lean and overburdened security teams and focused on making it as easy as possible for customers to detect, analyze and disarm cybersecurity threats.

As we enter 2023, we are proud to release 2023’s Q1 quarterly deliverable, marking our third consecutive quarter of making and keeping promises that matter to our precious customers. By continuously working to deliver on a quarterly basis, we empower security teams to quickly secure their environments so that their organization can securely compete and win in the digital age.

Following the launch of LogRhythm Axon, our cloud-native security operations platform in October, this quarter’s innovations add new visualization and powerful analytics to Axon as well as a series of expanded capabilities and integrations to LogRhythm SIEM, NDR, and UEBA to help SecOps:

  • Simplify the detection of potential threats with intuitive interfaces
  • Reduce the burden of resource and budget administration
  • Automate the surfacing of threats to resolve incidents more quickly
  • Simplify the collection and enrichment of logs and boost productivity and efficiency  
  • Improve blind spot detection and endpoint visibility through new integrations

At LogRhythm, we have no small plans, and that starts with ourselves. Our maniacal customer obsession pushes our team to constantly innovate and improve how we work so we can help security teams confidently navigate the ever-changing threat landscape with confidence. That’s who we are and who we will be – an organization that makes and keeps cybersecurity promises that matter to our precious customers who constantly inspire us to invent on their behalf.

For you, we will become the best cybersecurity partner in the world. We will continue on our quest to reinvent ourselves to better serve you, so please stay tuned. We’re just getting warmed up!


Chris O’Malley,
LogRhythm CEO

Promises made. Promises kept.

October 2022 updates

In October, we introduced our brand new, cloud-native security operations platform — LogRhythm Axon! In addition, we launched valuable enhancements to LogRhythm SIEM 7.10, UEBA, and NDR solutions.

  • Cloud-to-cloud collection support for Amazon Web Services (AWS) S3 logs
  • Log source support and parsing improvements to specific log sources
  • Automation functionality around endpoints and new metrics API
  • SmartResponse™ executes preventative actions
  • FIPS compliance
  • UI improvements in the UEBA lab streamline the analyst workflow
  • New model that tracks when the user authenticates using a new log source type
  • Identifies 0365 services hosts in the logs
  • User score now takes the origin host details involved in the anomaly
  • Ingests data from NetFlow
  • Features a newer version of the MITRE ATT&CK™ framework
  • Leverage vulnerability scanner data to qualify IDS detections
  • Establishes case definition based on IDS rule of IOC mapped to ransomware
  • UI contains a more streamlined and intuitive analyst workflow
  • IDS rule/signature in the UI details on Incidents page
  • Create an allowlist from the Policy Management page
  • Validates the successful connectivity and integration of third-party software
  • Communication traffic go through explicit proxy customers to implement network policies
  • Guided and intuitive workflows
  • Use of “common” language for accessing information/threats
  • Intuitive dashboarding and reporting capabilities
  • Axon and related resources for storage/retention will be managed by LogRhythm
  • Cloud-native architecture
  • Predictable licensing based on storage
  • Cloud collection for both IaaS and SaaS based applications
  • Log data is normalized and classified into the LR patented MDI format
  • Data is enriched with information on geolocation and DNS look ups
  • Auto log-source onboarding and Policy Builder

July 2022 updates

Get the scoop on July’s release featuring LogRhythm SIEM 7.9, along with UEBA and NDR updates.

  • Admin API includes SysMon management endpoints
  • SmartResponse™ automated actions let you execute preventative actions
  • Expanded log source support and parsing improvements
  • Event Log Filtering feature to select the types of Windows Event logs
  • Metadata fields, including Object Name, Command, and MAC Address
  • Full support and compatibility for SQL Server 2019
  • Support for Windows Server 2019
  • Reporting feature to display any overages
  • Third-party components in Web Console upgraded to latest version including upgrades for Angular and jQuery
  • Security patches resolve the log4j vulnerability
  • Monitor improbable travel between origin locations  
  • User score normalization across all users within the same company
  • The “new” and ”new_across_ids” show the hosts or locations triggered the anomaly directly in the log
  • Anomalies are mapped to MITRE D3FEND™, when applicable
  • Download PCAP files for specific incidents and cases
  • Enhanced LogRhythm NDR analytic capabilities
  • JA3 fingerprints in our Hunt Activity page
  • View policy violation-type alerts greater insight into environment
  • CIDR notation supports making it easier to add specific blocks of IP addresses to allowlist
  • Keep up with changes in the environment with easier editing capabilities
  • LogRhythm now includes Cisco Secure Endpoint (formerly AMP)

Introducing the Innovation Portal

To ensure that LogRhythm’s product deliverables are tailored to our customers’ needs, we created the Innovation PortalThis section of the Community contains quick showcases of what’s in development. You’ll find a mix of videos, surveys, and other spotlights — all of which come with an open invitation for feedback. 

Let us know your thoughts through the surveys and comments section and signal your general support with a Kudos. We’ll keep a close eye on this section and will steadily supply it with new content.

See LogRhythm Axon in action

Let one of our security experts review your uses cases and demonstrate how the LogRhythm Axon platform can help you reduce noise and quickly secure your environment 

LogRhythm Axon dashboard