Page 49 - CDM Cyber Warnings February 2014

LogRhythm Security Intelligence

LogRhythm combines next generation SIEM, Log Management, File Integrity Monitoring and Machine Analytics, with Host and Network Forensics, in a single, unified Security Intelligence Platform. LogRhythm provides deep visibility into threats and risks to which organizations are otherwise blind. Designed to help prevent breaches before they happen, LogRhythm accurately detects an extensive range of early indicators of compromise, enabling rapid response and mitigation. LogRhythm's Security Intelligence Platform empowers global organizations and government agencies to detect breaches and the most sophisticated cyber threats of today, faster and with greater accuracy than ever before.

An acute challenge that most organizations face is an inability to define what constitutes "normal" behavior, and as a result they have great difficulty identifying which activity is abnormal. AI Engine also automates the process of establishing behavioral and statistical baselines to identify what activity is "normal" on your network, so that you can more accurately detect abnormal activity. This includes the unique ability to automatically establish whitelists of any criteria that can be used to create highly accurate event data based on deviations from normal behavior. Behavioral whitelisting helps eliminate false positives by allowing you to identify and focus on truly abnormal behavior. LogRhythm's advanced security analytics is uniquely effective in detecting advanced threats, including attack vectors and techniques employed by groups aligned with state-sponsored cyber-attacks.

LogRhythm delivers enterprise SIEM and log management capabilities with Common Criteria assurance at Evaluation Assurance Level (EAL) 2+, FIPS 140-2 certification and an enterprise-wide Certificate of Networthiness (CoN). LogRhythm meets the strict security requirements of government agencies while simultaneously complying with a myriad of federal regulations – including FISMA, NERC CIP, HIPAA and DoDI.

By deriving a rich set of fully searchable metadata, Network Monitor provides rapid access to highly valuable forensic evidence, resulting in rapid and in-depth understanding of network activity. In addition, Network Monitor's ability to perform full packet capture provides access to each session's raw packet details for additional forensic evidence.

"The Most Innovative SIEM Solution for 2014" - CDM


CYBER DEFENSE MAGAZINE - ANNUAL EDITION 49