LogRhythm releases Version 7.7 of NextGen SIEM Platform

LogRhythm has launched version 7.7 of the LogRhythm NextGen SIEM Platform. The update introduces new features designed to streamline the threat detection and response process, including a new Timeline View that provides analysts with an easy-to-follow security narrative when investigating an incident.

Visualizing Security Stories with Timeline View

Through Timeline View, security analysts have a consolidated, chronological view of user or host activity. The view includes all data related to the incident and is automatically contextualized to provide a quick view into how a potential incident has played out thus far. With Timeline View, analysts can easily further their investigation without needing to navigate off the existing page to understand the cause and scope of a given incident. Analysts can also go deeper into the data presented by drilling down into specific timeline events and reviewing the underlying raw data. 

 

“We’re thrilled to bring Timeline View to our customers with the release of LogRhythm 7.7,” said Rusty Carter, chief product officer at LogRhythm. “We understand how challenging it is to manage the detection and response process if you have to use multiple screens, so our goal was to make it easier for analysts to not only get an overview as to how an incident is progressing, but to also be able to drill down into that contextualized activity is vital to rapidly making accurate decisions.”

 

To better visualize relationships, patterns and abnormalities present in log data, LogRhythm’s Detail Page pairs Timeline View with the Node Link graph (previously introduced in LogRhythm 7.5). This combination allows analysts to investigate incidents from multiple perspectives and to quickly determine the timing and scope of an incident.

 

 

Additional Benefits Provided by 7.7

In addition to Timeline View, LogRhythm 7.7 introduces a number of new features designed to improve analysts’ daily workflows and the ability to interact with other technologies. Specific benefits include:

 

  • Easier integration with third-party platforms: Version 7.7’s Alarm REST API provides a simpler integration with third-party ticketing systems, SOAR platforms, and other LogRhythm partner solutions. The publicly consumable API makes it even easier to work through standard alarm workflows, including listing alarms, pushing updates into alarms, and adding comments to alarms.
  • Seamless log configuration in the cloud: Cloud-to-cloud collection enables LogRhythm Cloud users to configure log sources regardless of origin through a Graphical User Interface (GUI). This makes it easier for users to configure log sources, ultimately leading to a lower error rate and higher confidence.
  • Built-in support for more popular cloud-based services: LogRhythm has added new out-of-the-box Beats to help analysts onboard many popular cloud-based services, including Okta and Carbon Black Cloud, which further help customers secure the identities and endpoints within their environments. 