Visualizations of user/host relationships, live data updates and quick onboarding of cloud data sources make for a powerful security analyst experience.
LogRhythm has announced the launch of version 7.5 of the LogRhythm NextGen SIEM Platform as well as the inaugural release of its Open Collector technology.
LogRhythm 7.5 provides enhanced analyst workflow experiences and visibility, while Open Collector simplifies the process of onboarding cloud data sources for more holistic monitoring.
“Organizations produce more data today than ever before, so security teams need comprehensive visibility across their environment,” said Sue Buck, Chief Technology Officer of LogRhythm. “But we also don’t want the amount of data needed for full visibility to ultimately overwhelm analysts. With LogRhythm 7.5, we’re making it even simpler and faster for analysts to get the precise information they need to remediate suspicious or threatening activity.”
LogRhythm 7.5 and Open Collector benefits
LogRhythm 7.5 and Open Collector make it faster and easier for security analysts to detect and mitigate threats – no matter their level of experience. This is made possible through the following features:
- Faster search speed: Tail search feature automatically and continuously re-runs searches without the need to resubmit a query. This means analysts are guaranteed to see all incoming log data – in real time – related to their investigation.
- Eliminate errors: Security analysts can now reduce the chance of error when creating filters with new, built-in Lucene helper assistance. This results in faster investigations so analysts can spend less time identifying a threat and more time resolving it.
- Visualize data correlation: The new Node Link Graph feature enables the visualization of the connections between users and hosts in the environment. LogRhythm’s Machine Data Intelligence (MDI) Fabric supplements the graph with contextual data to clearly explain the relationship and the type of activity occurring between connected entities. Instead of being overwhelmed by data from many disparate sources, analysts can use the Node Link Graph to filter data and quickly identify activity and relationships of interest.
- Quickly onboard cloud services: While customers can choose to manually create and customize collection interfaces if desired, Open Collector also provides several premade beats. This allows analysts to onboard many popular cloud services with minimal administration work. Out-of-the-box beats include those for Google G Suite, AWS S3, Event Hub and Sophos.
- Reduce administration time: With user-friendly REST APIs, power users can easily use their SIEM data outside of LogRhythm’s consoles. In addition, the APIs make it easier to more deeply integrate LogRhythm into workflows, reducing administrative work within large environments or across multiple deployments for enterprise customers, technical partners and MSSPs.
“Businesses continue to accelerate their Digital Transformations and adoption of cloud services; with that comes an ever-increasing urgency to maintain visibility across hybrid and cloud-native environments,” said Rust Carter, Chief Product Officer of LogRhythm. “Our advancements with Open Collector exemplify our continued focus on delivering analytics and orchestration that simplify management of the organization’s security posture – especially as they tackle these challenges.”
Immediate global availability
LogRhythm 7.5 and Open Collector are available today for immediate use. To implement all the capabilities of LogRhythm 7.5, existing customers simply need to follow supported upgrade paths. Customers can download all necessary files to enable Open Collector here: https://logrhythmcommunity.force.com/idp/endpoint/HttpPost
To see a demo of LogRhythm 7.5, please visit: https://logrhythm.com/schedule-online-demo/ or email: [email protected]