
LR Security Intelligence Platform Datasheet

LogRhythm delivers solutions for threat lifecycle management, next-generation SIEM, log management, endpoint/network monitoring and forensics. The platform provides profound visibility into threats and risks to which organizations are otherwise blind. Designed to help prevent breaches before they happen, LogRhythm accurately detects an extensive range of early indicators of compromise.


LOGRHYTHM'S SECURITY INTELLIGENCE PLATFORM

Protecting against today's rapidly evolving threat landscape requires broad and deep visibility across the entire IT environment. Threats arrive from many angles and evidence of their existence can be found within existing log and machine data. Further visibility is gained through targeted endpoint and network forensic monitoring. When this is applied to multiple, machine-automated analysis techniques, threats and risks are exposed like never before.

LogRhythm delivers solutions for threat lifecycle management, next-generation SIEM, log management, endpoint/network monitoring and forensics, and security analytics in a unified Security Intelligence Platform. The LogRhythm platform provides profound visibility into threats and risks to which organizations are otherwise blind. Designed to help prevent breaches before they happen, LogRhythm accurately detects an extensive range of early indicators of compromise, enabling rapid response and mitigation. The deep visibility and understanding delivered by LogRhythm's Security Intelligence Platform empowers enterprises to secure their networks and comply with regulatory requirements.

A Higher Standard In SIEM & Security Intelligence

LogRhythm delivers a unified set of capabilities for detecting, prioritizing, and neutralizing cyber threats and associated risks. LogRhythm's Security Intelligence Platform delivers:

Next-generation SIEM and Log Management
Independent Endpoint Forensics and File Integrity Monitoring
Network Forensics with Application ID and Full Packet Capture
State-of-the-art Machine Analytics
Advanced Correlation, Pattern Recognition, and Machine Learning
Multi-dimensional User / Network / Endpoint Behavior Anomaly Detection
Rapid contextual and unstructured search
Data set analysis via visual analytics, pivot, and drill down
Workflow-enabled automatic response via SmartResponse
Integrated Case and Security Incident Management

True visibility can be attained by analyzing all available log and machine data and combining it with deep forensic visibility at the endpoint and network levels. This insight is leveraged by AI Engine, our patented Machine Analytics technology, to perform continuous, real-time analysis of all activity observed within the environment. AI Engine empowers organizations to identify previously undetected threats and risks. The integrated architecture ensures that when threats are detected, customers can quickly access a unified view of activity, enabling deep visibility and rapid response. LogRhythm delivers the actionable intelligence and incident response capabilities necessary to address today's most sophisticated cyber threats.

Rapid Time-to-Value

Whether you are protecting a small network or running a global security operations center (SOC), time-to-value and total cost of ownership matter. LogRhythm's integrated architecture and unified analyst workflows help customers efficiently address their most pressing security issues.

LogRhythm Labs delivers critical out-of-the-box functionality that expedites threat detection and response. Automatically delivered and continuously updated with new threat and compliance research, LogRhythm's extensive embedded expertise arms customers against emerging threats and helps keep them current with compliance and audit requirements. LogRhythm Labs delivers:

Log parsing and normalization rules for over 700 unique operating systems, applications, databases, devices, etc.
Compliance Automation Modules for 14+ regulatory frameworks (PCI, SOX, HIPAA, FISMA, GLBA, ISO 27001, DODI 8500.1, NERC-CIP, and more)
Threat Management Modules:
User / Network / Endpoint Threat Detection
Advanced Persistent Threat (APT)
Honeypot Analytics
Retail Cyber Crime
And many others...

[Figure: LogRhythm's Security Intelligence Platform. Panels: Input, Processing, Analytics, Output. Section labels: Real-Time Forensic Data Collection, Real-Time Forensic Data Generation, Machine Analytics, Forensic Analytics, Actionable Intelligence, Incident Response, Machine Data Intelligence (MDI) Fabric.]

Flexible Deployment Options


High Performance Appliances
ALL-IN-ONE (XM) (INCLUDES PM, DPX, AIE)
DEDICATED PLATFORM MANAGER (PM) (INCLUDES AI ENGINE LICENSE)
Appliance Lines
Max Archiving
Rates
Max Processing
Rates

4301

6400

5400

7400

10,000 MPS 25,000 MPS

N/A

N/A

1,000 MPS

N/A

N/A

5,000 MPS

DEDICATED DATA
PROCESSOR (DP)

DEDICATED
AI ENGINE (AIE)

DEDICATED DATA INDEXER (DX)

DATA
COLLECTOR
(DC)

NETWORK MONITOR (NM)

WEB
APPLIANCE

3300

5300

7400

5400

7400

3300

3300

5400

3300

10,000 MPS 50,000 MPS

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

5,000 MPS

N/A

N/A

N/A

N/A

1 Gbps

2.5 Gbps

N/A

5300

7400

15,000 MPS

30,000 MPS 75,000 MPS

"THE SANS COMMUNITY has voted LogRhythm the Best SIEM of 2014."
SANS INSTITUTE

"LogRhythm earns HIGH MARKS FROM READERS across the board."
INFOWORLD

Software & Virtualization

LogRhythm Solution Software can be easily deployed on customer provided hardware and most major virtualization platforms, including:

LogRhythm Labs

LogRhythm Labs is a security and compliance research team focused on empowering customers by delivering embedded expertise and pre-configured tools for advanced threat management and compliance automation. The team includes recognized experts on intrusion detection, advanced malware, incident response, IT compliance, and many other essential subjects. The researchers at LogRhythm Labs hold several industry certifications (e.g., CISSP, CISA, CEH, etc.) and use ongoing research and education to stay current with the latest developments in threats, methods, compliance, and security best practices.

LogRhythm Services

LogRhythm is the industry's largest focused provider of SIEM and Security Intelligence. Its world class support and professional services teams are dedicated to maximizing customer success by providing responsive and practical solutions.

LogRhythm in Action

Detecting Custom Malware with Endpoint Behavior Anomaly Detection

Challenge: Custom malware tied to zero-day attacks is created to evade traditional security solutions that are built to detect specific signatures and known malicious behavior.

1. LogRhythm baselines normal endpoint behavior and creates a whitelist of acceptable process activity.
2. Endpoint Activity Monitoring independently detects a new process starting.
3. LogRhythm automatically recognizes that the new process is non-whitelisted.
4. LogRhythm's machine analytics corroborates the event against related activity such as abnormal network traffic, accurately identifying the activity as high risk.
5. An alarm is sent to a Security Administrator, who easily accesses forensic details to investigate.

Exposing Compromised Credentials with User Behavior Anomaly Detection

Challenge: With an increasingly mobile workforce and the accelerating adoption of BYOD, enterprises find it difficult to distinguish between normal behavior and activity indicating that a user's credentials have been compromised.

1. LogRhythm automatically establishes a profile for specific users, including whitelists of acceptable activity and behavioral baselines of observed user activities.
2. AI Engine detects when a user engages in abnormal activity, like logging in from a suspicious location or deviating from a behavioral norm, such as accessing significantly more or different data and uploading that data to a non-whitelisted cloud sharing application.
3. SmartResponse™ either automatically disables the account or queues up the response for validation pending a more detailed forensic investigation into the user's activity.

Identifying Data Exfiltration with Network Behavior Anomaly Detection

Challenge: The constant flow of data into and out of an enterprise makes it difficult to detect when sensitive data leaves the corporate network.

1. Network Monitor provides critical visibility at network ingress/egress points, with SmartFlow data providing deep packet visibility into each network session observed and the applications in use.
2. LogRhythm's machine analytics establish behavioral baselines across observed network activities, leveraging the extensive packet metadata delivered via SmartFlow.
3. Network-based anomalies are identified and corroborated against other log and machine data to provide accurate visibility into high risk activity.
4. SmartCapture™ automatically captures all packets associated with suspicious sessions for full packet forensics.

US: (866) 384-0713
EUROPE: +44 (0) 1628 509 070
AUSTRALIA: +61 2 8019 7185
INFO@LOGRHYTHM.COM
WWW.LOGRHYTHM.COM
