LogRhythm delivers an enterprise-class Security Intelligence Platform for managed service providers (MSPs/MSSPs) that empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. Our platform unifies next-generation SIEM, log management, network and endpoint forensics, and advanced security analytics.

Next Generation SIEM

LogRhythm is the only SIEM designed to support the end-to-end threat detection and response workflow—what we call Threat Lifecycle Management™. Realize streamlined operations and lower total cost of ownership with our unified platform features:

- Automated Machine Analytics
- High Performance Log Management
- Network and Endpoint Monitoring

SmartResponse

SmartResponse™ uniquely enables automated incident response. It also allows semi-automated, approval-based operation so users can review the situation before countermeasures are executed. LogRhythm reduces the time needed to perform common investigation and mitigation steps, preventing high-risk compromises from snowballing. Examples include triggering a vulnerability scan on a suspect endpoint, and more drastic measures such as quarantining a compromised endpoint or disabling a suspect user account. Incident response teams are empowered with pre-packaged and customizable plug-ins, which can reduce time to respond from days to minutes. SmartResponse use case examples include:

• Endpoint Quarantine: Identify the network port where a suspicious device is located and disable the port/device.
• Suspend Users: If an account compromise is suspected, halt a user’s account access—no matter what device they use.
• Collect Machine Data: In the case of malware, SmartResponse can gather forensic data from the suspect endpoint.
• Suspend Network Access: If data exfiltration is occurring, the incident response team can kill the connection by updating the access control list used by corporate firewalls.
