Page 9 - CDM Cyber Warnings February 2014
are triggering from the same user or host. This minimizes false positives allowing the appropriate personnel to focus on truly concerning sets of activities to prevent or contain a breach.

3) Advanced search and visualizations. Technology that can alert security analysts to corroborated sets of suspicious activity facilitates users to prioritize their time more effectively to investigate these activities and better understand scope, entry point, and root cause. Effective remediation requires intuitive search capabilities and analytical tools providing critical visibility into the universe of forensic data. This includes the ability to drill-down, pivot, and correlate data as well as provide impactful visualizations for rapid analytics. The technology must enable users to quickly understand the contents of a large data set while empowering them to take immediate action to defend against breaches.

LogRhythm's Security Intelligence Platform

The cornerstone of LogRhythm's Security Intelligence Platform is an award-winning, next-generation SIEM and Log Management solution. LogRhythm collects and analyzes data from the industry's broadest set of sources and provides greater out-of-the-box analytics and embedded expertise, delivering broad protection, deep visibility and actionable insight. LogRhythm provides a fundamentally simpler process of forensic analysis through an intuitive, customizable and easy to use interface/dashboard. An interactive UI with robust drill down and pivot capabilities provides rapid access to valuable data (events) that could point to weaknesses, intrusions, violations and inefficiencies that need attention and repair. With out-of-the-box, automated compliance and security suites with comprehensive alarming, investigation and reporting capabilities, LogRhythm delivers enterprise security intelligence and compliance without the overhead of other solutions.

LogRhythm's technology is powered by AI Engine, including patented Machine Analytics that deliver highly automated and easily customized advanced behavioral and statistical analysis. AI Engine analyzes all data in real-time to identify the highest priority security events and compliance violations to protect your network and enforce policy. For additional protection from advanced threats and breaches, LogRhythm's Network Monitor delivers extensive layer 7 visibility, deep packet inspection with automatic identification of more than 2,000 applications and full session packet capture for advanced forensics.

In addition to sending all data to the Security Intelligence Platform for real-time, advanced analysis, the Network Monitor provides access to network level event data through a simple web UI with powerful visualization as well as a simple, unstructured search engine so that users can find the right information quickly and easily.

LogRhythm also delivers additional insight at the host level, with fully integrated file integrity monitoring to help secure sensitive data and meet specific compliance requirements. And it can generate forensic data through host activity monitoring to independently monitor processes, services and network connections, which can help expose things like zero day malware on the host or critical application failures.

From a practical standpoint, no solution can provide value if it's too complex to operate. That's why LogRhythm has been built with the user experience governing all design principles, resulting in the most powerful and usable interface on the market. Every aspect of the UI has been designed with the end-user in mind, making it easy to not only see what's happening in the environment in real time, but to quickly drill down into important event details for immediate analysis and rapid incident response management.

Seth Goldhammer is the director of product management at LogRhythm. He has more than 15 years of experience working in the network management and security industry, including starting Roving Planet where he helped design and build go-to-market strategies for the industry's first network access control products. Seth has also served in product management roles at TippingPoint, 3Com and HP Networking, and is responsible for collecting market requirements and speaking at customer events for LogRhythm.
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 9