Highlights:

  • LogRhythms Axon Agent, a part of the company’s platform intended to collect and manage on-premises data, has also been improved for increased efficiency for on-premises data collection.
  • To improve the SIEM’s capacity for efficient data correlation and analysis, LogRhythm has also increased the number of supported log sources in its library and improved its parsing tools.

The security intelligence company LogRhythm Inc. has unveiled several new improvements to enhance agility and performance for fast-moving security teams.

The new developments are concentrated on smooth integration and extensive case management enhancements to optimize the effectiveness of security operation center teams and analysts. The most recent updates to the LogRhythm platform offer a single view of every case inside the user interface. This removes the need to navigate between different search tools when delving deeper for more thorough analysis.

The top of the list is a brand-new, interactive single-screen investigation that highlights contextual case insights with drill-down capabilities to log sources and security analytics to lower the mean time to response. In addition, an enhanced assisted search function that suggests previous searches, search lists, and search phrases to analysts boosts their productivity.

By offering monitoring, analysis, and data visualizations about each user, admin, and policy activity via application programming interfaces in Office 365 and Microsoft Entra, an extra collector for the Microsoft Office 365 Management API gives users increased visibility.

By making it simpler to deploy and upgrade agents, LogRhythms Axon Agent, a part of the company’s platform intended to collect and manage on-premises data, has also been improved for increased efficiency for on-premises data collection.

The platform now offers enhanced self-hosted LogRhythm security information and event management capabilities, including expanded support for onboarding more Beats and Open Collectors from a single location, reducing security teams’ workload by half. Easier-to-use features include enhanced analyst workflows for examining alarm notifications and Windows Event log onboarding.

To improve the SIEM’s capacity for efficient data correlation and analysis, LogRhythm has also increased the number of supported log sources in its library and its parsing capabilities. To help security teams make quick decisions, LogRhythm network detection and response has included additional features, such as a toggle button to conceal things on the safe list and expanded IP geolocation contextualization.

Chris O’Malley, Chief Executive Officer of LogRhythm, said, “As LogRhythm’s SIEM capabilities continue to expand, our primary goal remains delivesring powerful security platforms that help customers quickly and confidently secure their environments. Whether our customers prefer the control and customization of a self-hosted solution or the scalability and agility of the cloud, LogRhythm provides the tools and expertise to navigate the evolving threat landscape with confidence.”