TelcoNews UK - Telecommunications news for ICT decision-makers
Story image

LogRhythm unveils latest AI-driven security enhancements

Wed, 3rd Jul 2024

LogRhythm has unveiled its ninth consecutive quarterly release, emphasising advancements in its Machine Data Intelligence (MDI) Fabric aimed at enhancing the readiness of AI-driven Security Operations Centers (SOCs). The company's MDI Fabric is designed to collect and organise diverse log sources, converting them into structured, searchable datasets.

For over 20 years, LogRhythm's MDI Fabric has undergone rigorous refinement to ensure the data it processes is accurate and reliable. This data is crucial for precise search, analytics, and investigation functionalities, enabling analysts to operate efficiently and focus on critical security tasks.

"At LogRhythm, our relentless focus on customer satisfaction drives us to continuously innovate and deliver solutions that meet our clients' evolving needs," stated Chris O'Malley, CEO of LogRhythm. "Our ninth consecutive quarterly release reinforces our commitment to delivering powerful, intuitive tools that enhance the efficiency and effectiveness of security teams worldwide."

"We are proud to provide our customers with the cleanest, most reliable data possible to empower them to move into AI-driven security strategies with confidence."

LogRhythm's quarterly enhancements also highlight simplified data retention, aimed at increasing analyst efficiency and easing compliance with industry standards and regulations. The company asserts that in the current AI-driven landscape, the integrity of data is paramount for effective AI performance.

"AI models operate at the potential of the data it receives. Today, too many vendors boast about leveraging AI but neglect a critical factor in AI-efficacy: data quality," continued O'Malley. "Staying ahead of threats isn't just about having advanced technology – it's about having data you can trust."

Andrew Hollister, Chief Information Security Officer at LogRhythm, added, "Our latest enhancements are designed to drive analyst efficiency and augment the capabilities of security teams. By simplifying tasks like compliance reporting and enabling more precise investigations, we're empowering security teams to adapt to changing threats and requirements while maintaining peak operational effectiveness in the modern era of AI-adoption."

The enhancements include features like streaming logs to AWS S3 storage, providing a cost-effective method to retain searchable data for compliance audits and long-term forensic searches. Additionally, LogRhythm introduced out-of-the-box compliance frameworks for NIST SP 800-171 and NIST CSF 2.0, facilitating quick and accurate evidence generation.

Enhanced user and host analysis within search and case management now allows for in-depth drilldowns in a single-screen investigation workflow, enabling continuous analysis without losing the context of the original query. Advanced real-time correlation has also been introduced to create complex, multi-layer analytics rules for key security use cases.

New capabilities in LogRhythm's Security Information and Event Management (SIEM) include an Open Collection Architecture, allowing customers to send JSON data to the SIEM from third-party sources instantly. The web-based JSON normalisation creation wizard aims to simplify the customisation process for users, and improvements have been made to the parsing of over 70 log sources for better correlation and analysis.

Phil Swain, Chief Information Security Officer and Vice President of Information Security at Extreme Networks, remarked, "Our partnership with LogRhythm has been instrumental in staying ahead of the curve in today's threat landscape. As a leading network solutions provider, we know firsthand that all technology strategies, including using AI and ensuring a secure network perimeter, rely on having accurate data."

"The regular quarterly updates from LogRhythm mean that we always have access to the latest innovations and updates to not only maintain but also improve our security posture."

Dallas Hammer, CISSP, Chief Information Security Officer at NDM Technologies, commented, "The JSON Policy Builder and Lumberjack JSON Listener allow us to collect and normalise emerging log sources much faster and easier than we could before, giving NDM's SOC more time to focus on detection rather than collection."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X