LogRhythm NextGen SIEM Platform
LogRhythm’s next-generation SIEM platform integrates log management, security analytics, and SOAR with network forensics and endpoint monitoring to give organizations the ability to detect and mitigate threats.

An extensive range of early indicators and risk scores trigger rapid alarm triage, threat qualification, response and mitigation. Risk-based prioritization helps automatically corroborate evidence of higher risks with their scoring, making it easier to recognize incident progression across the attack lifecycle and simplifying the daily duties of an analyst.

The LogRhythm NextGen SIEM Platform offers many features, including several graphs, precision searches, a phishing intelligence engine, a threat activity map, case management reports and a collaborative platform.

The console itself is reminiscent of Microsoft’s Windows XP GUI, consisting of straight-to-the-point visuals and graphical icons. These icons are, however, on the small side and difficult to make out by default. This is where you first assign the licenses to the data processors, which determine how many can operate, and how many messages per second (MPS) can be processed. After verifying the licensing, we ran into a few technical issues, but the support team was extremely helpful, and we were able to get things up and running with their assistance.

The dashboard was neatly organized, with high-level overviews containing a lot of information for quick visibility. All dashboarding capabilities are based on HTML5. The dashboards are fully customizable. More than 850 log source types are supported for full message processing and custom log sources.

Playbooks are predetermined, step-by-step guides laid out to assist security analysts in the remediation process. They ensure consistency of responses and increase efficiency by quickly laying out a plan of action. This functionality comes with the solution out of the box, but playbooks can also be user generated for use when an alarm is triggered. Organizations can also use playbooks found on the community portal. The alarm structure is risk prioritized to triage events so you can focus on the issues most important to your organization. Smart responses are another feature to automate actions and take remediation steps.

Several different compliance frameworks can be integrated, including a newly incorporated CIS offering. CIS Security Controls are included. Built-in searches can be tied to these compliance frameworks as well. No ad hoc charges are required to incorporate compliance. A variety of reports can be scheduled and downloaded as PDFs, including compliance reports with requirements mapping displayed.

Pricing begins at $43,500. Support is offered with Standard and Premium options. Support includes phone and email. The online community can be accessed through any browser. A full user guide is offered on the web UI as well.

Tested by Matthew Hreben

Product title
LogRhythm NextGen SIEM Platform
Product info
Vendor: LogRhythm
Price: $43,500
Contact: logrhythm.com
Strength
Playbooks and the continuously growing library of Smart Responses increase the ease and efficiency of remediation.
Weakness
Graphical icons are on the small side and difficult to make out.
Verdict
The many features offered to assist in remediating attacks across the lifecycle simplify the daily duties for analysts of any expertise level.