LogRhythm recently launched LogRhythm NDR, an automated network security solution for detecting, qualifying, investigating and responding to advanced network-borne threats. The new solution is especially well-suited for those with operational technology (OT) security needs and short-staffed teams.
This automation is especially important in today’s world, where security teams are notoriously understaffed. According to a new study by (ISC)2, the world’s largest nonprofit association of certified cybersecurity professionals, there is a dramatic deficit of almost three million cybersecurity jobs globally, putting organizations at greater risk of cyberattack.
“Security teams are often understaffed, overwhelmed by false positives and lack the necessary network visibility and analytics required to detect and respond to advanced network-borne threats,” said Chris Petersen, co-founder and chief product and technology officer at LogRhythm. “With the introduction of LogRhythm NDR, security teams now have the necessary visibility, analytics and automation to not only successfully surface hard-to-see threats, but to also do so faster and more accurately — no matter how resource-constrained they might be.”
LogRhythm NDR uniquely combines Layer 7 network traffic monitoring, full packet capture, multi-method threat detection, and workflow automation. This highly integrated offering empowers organizations to detect and respond to a wide variety of network-borne threats that might otherwise fly under the radar.
LogRhythm NDR leverages appliance and software sensors that deliver deep network traffic visibility into data centers, OT infrastructure, remote sites, and public/private cloud. Notable capabilities include:
- Application identification and deep metadata extraction of encrypted and unencrypted network sessions
- Recognition of 19 Supervisory Control and Data Acquisition (SCADA) protocols
- Always-on or selective full packet capture, enabling full-fidelity forensic analysis
The solution takes advantage of the company’s patented and award-winning security analytics capabilities, combined with on-sensor methods, to deliver comprehensive, high-accuracy threat detection. Notable threat detection methods include:
- Deep inspection of traffic metadata against known indicators of compromise (IOCs)
- Scenario modeling for known tactics, techniques, and procedures (TTPs)
- Behavior profiling and anomaly detection for insider and zero-day threats
LogRhythm NDR leverages workflow-integrated security orchestration, automation and response (SOAR) features to empower security teams of all sizes to quickly triage, investigate and neutralize threats.