LogRhythm Threat Lifecycle Management: Threat Intelligence Product Overview and Insight

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

See the complete list of top threat intelligence companies.
See user reviews for LogRhythm Threat Lifecycle Management.

Company Description

Founded in 2003, LogRhythm is based in Boulder, Colo. It is privately held and announced a $50 million round of financing last year.

Product Description

LogRhythm's Threat Lifecycle Management (TLM) Platform delivers a coordinated collection of data analysis and incident response capabilities to enable organizations around the globe to rapidly detect, neutralize and recover from security incidents. The LogRhythm TLM Platform uses big data technology and machine learning to deliver SIEM, log management, endpoint monitoring, Network Behavior Analytics (NBA), User Entity and Behavior Analytics (UEBA), and Security Automation and Orchestration (SAO) capabilities in a single platform, enabling end-to-end threat management workflow. LogRhythm’s Threat Intelligence Service (TIS) is a component of the LogRhythm platform that streamlines the use of threat intelligence. It provides access to commercial and open-source threat intelligence feeds. Open source integrations include:

  • Abuse.ch
  • AutoShun
  • Hail a TAXII
  • Malware Domains
  • Phish Tank
  • SANS-ISC
  • SpamHaus
  • TOR Network

Commercial threat feed integrations include:

  • Anomali
  • Cisco AMP Threat Grid
  • Cisco Cognitive Threat Analytics
  • Crowdstrike
  • NTT
  • Recorded Future
  • Symantec
  • Webroot BrightCloud

Agents

The LogRhythm TLM Platform can be configured to operate with or without the use of agents. LogRhythm offers its own agent, System Monitor, and also supports third-party agents.

Markets and Use Cases

LogRhythm has more than 2,000 customers across five continents and a variety of verticals. It reports a growing customer base in financial services, retail, manufacturing and government.

Applicable Metrics

LogRhythm measures architecture scale in terms of messages per second (MPS), or the amount of machine generated data the solution can receive, process and analyze per second. It can successfully run at 300,000 MPS, representing 26 billion messages per day and over 10,000 gigabytes per day.

Security Qualifications

FISMA, NERC CIP, HIPAA, DoDI, NIST CSF, DADMS (Department of Navy and Database Management Systems) certification, Common Criteria assurance, FIPS 140-2 certification, and a Certificate of Networthiness (CoN) from the U.S. Army.

Intelligence

The LogRhythm TLM Platform automates threat detection and prioritization with pattern matching and advanced correlation to machine learning and statistical analysis. This serves to reduce alarm fatigue and false positives, while shortening detect and response time. Its AI Engine can automatically correlate IoCs contained in threat feeds against log and security event data, enabling the detection of true threats (e.g., dangerous IPs accessing internal infrastructure, inappropriate URL usage, phishing attempts, malware propagation) through the generation of contextualized alarms.

Delivery

Software and hardware.

Pricing

Pricing begins at $27,000.

Submit a Comment

Loading Comments...