LogRhythm NextGen SIEM v3

The document discusses LogRhythm, a cybersecurity company that provides a next-generation SIEM solution. It introduces key LogRhythm executives in Africa and provides links to their online profiles and company pages. It then outlines an agenda for their presentation, covering who LogRhythm is, the challenges faced by SOCs, how LogRhythm's solution supercharges SOCs, and how it helps predict threats and future-proof businesses. The presentation aims to demonstrate LogRhythm's unstoppable innovation and commitment to customers.

Sara Hallaoui

Regional Sales Manager | Africa

Omar Naggar
Senior Cybersecurity Consultant | Africa

www.youtube.com/user/LogRhythmInc
www.linkedin.com/company/logrhythm/
twitter.com/LogRhythm
www.facebook.com/LogRhythmInc/

© LogRhythm 2022. All rights reserved. Company Confidential.


LogRhythm NextGen SIEM

Agenda
Who we are and LR Presence
SOC Biggest Challenges
LogRhythm XDR SuperCharged SOC
Predict Threats, Future-Proof your Business
Unstoppable Innovation and Commitment
LR Value Added Services
Deployment and Licensing Options
No LogRhythm Deployment is the Same
Q&A


Who we are and LogRhythm Presence in different Regions

Founded in 2003
HQ in Boulder, Colorado
Regional Offices in iMETA, UK, APJ
Gartner Leader from '12 to '21
Gartner, Forrester, SANS and numerous other industry awards
Focused on SIEM and Security Intelligence and helping Customers around the world to:
• Reduce exposure to cybersecurity threats
• Eliminate blind spots
• Shut down the attacks
• Limit the damage and reduce disruptions


Over 4,000 Customers Globally: Proven Success in the Most Complex and Regulated Environments
Sectors: Retail, Finance, Education, Healthcare, Energy & Telecom, Government, Other


Customers for Life: Read the Reviews
Threat Hunting and Total Cost of Ownership

"We replaced Splunk with LogRhythm and have not been disappointed. We use LogRhythm as a combination of SIEM, IDS, IPS as well as FIM. LogRhythm has proven to be indispensable for our security operations center as well as in meeting NIST CSF, PCI DSS, ICFR, privacy and other requirements."
– IT GRC Manager from a Large Media Organization

"This year we doubled the size of our SIEM infrastructure and LogRhythm was there as a partner through the entire process. We now process over 250,000 MPS and have integrated LogRhythm throughout the business. The product is great, the support is even better! Best vendor I have ever worked with."
– SIEM Architect from the 30B+ Services Organization

"Excellent product and extremely competitive price point. We compared a number of alternative offerings and LogRhythm scored best in every criterion. I really appreciate the fact that it is a SIEM first and foremost, not a log or UEBA tool trying to emulate SIEM functionality. The ability to extend through API and automation is superb!"
– Chief Security Officer from a Medium Healthcare Organization

Disclaimer: The GARTNER PEER INSIGHTS Logo is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual users based on their own experiences and do not represent the views of Gartner or its affiliates.
Today’s SOC Biggest Challenges



"SOC Biggest Challenges: Security is hard!"

Difficult Implementation
• Disconnected Process
• Steep Learning Curve
• Manual Workflow

Alarm Fatigue
• False Positives
• Too Many Alarms

Inefficient Systems
• Narrow Scope of Security Solutions
• Infrequent Updates and Features

Closed Architecture
• Doesn't easily connect with other systems
• Inflexible Environment


Gartner SOC Visibility Triad

SIEM / UEBA
NDR
Endpoint
Source: Gartner, March 18, 2019, ID G0037346

Next Gen SOC Technology Requirements today

• Big Data = Fast Search
• Reporting & KPI Metrics
• Advanced SIEM & Analytics Content
• SOAR and Incident Management
• UEBA / NDR Analytics


This Approach Is Not Effective (a separate tool for each function):

Network Monitoring & Forensics | Log Management | SIEM | Endpoint Monitoring & Forensics | User & Entity Behavioral Analysis | Security Analytics | Security Automation & Orchestration (SOAR) | Network Behavioral Analytics

LR Approach Is one end-to-end threat lifecycle:

Forensic Data Collection → Discover → Qualify → Investigate → Neutralize → Recover

SuperCharge Your SOC With LogRhythm NextGen Solution


LogRhythm NextGen SIEM Capabilities (* Optional License)

SIEM Capabilities
• Big Data Platform
• 924+ Supported Technologies
• 700K+ Normalization Rules
• 1200+ Reports Including Compliance Modules

UEBA *
• CloudAI Using Machine Learning
• Scenario-Based UEBA Module

Host Monitoring *
• File, Process and Registry Integrity Monitoring
• Mapped to MITRE ATT&CK Framework

Analytics Capabilities
• 1000+ Security Use Cases
• Security, Operation and Business Analytics
• Threat Intelligence as well as Predictive Threat Intelligence

NDR *
• L7 Forensics Capabilities
• Scenario-Based NDR Analytical Modules

SOAR *
• Manual and Auto Response System
• Case Management and IR
• Playbooks
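The capabilities listed above (normalization rules, analytics use cases, ATT&CK mapping) describe what any SIEM pipeline does to raw events: map heterogeneous log formats onto one schema, then run correlation rules over the normalized stream. The following stdlib-only Python is an added illustration of that pipeline, not LogRhythm's code and not its MPE rule format. The two raw log formats, the field names, the regexes, and the rule's threshold and window are all assumptions chosen for the example; the sample log lines are constructed.

```python
"""Toy SIEM pipeline: normalize raw logs to one schema, then correlate.

Added example, not LogRhythm code. Formats, field names and the rule's
threshold/window are assumptions chosen for illustration.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input mixing two raw formats a SIEM would ingest.
RAW_LOGS = [
    "2022-03-01T08:00:01Z sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 51522 ssh2",
    "2022-03-01T08:00:03Z sshd[812]: Failed password for root from 203.0.113.7 port 51530 ssh2",
    "2022-03-01T08:00:05Z sshd[812]: Failed password for root from 203.0.113.7 port 51531 ssh2",
    "2022-03-01T08:00:06Z sshd[812]: Failed password for root from 203.0.113.7 port 51532 ssh2",
    "2022-03-01T08:00:09Z sshd[812]: Accepted password for root from 203.0.113.7 port 51540 ssh2",
    "2022-03-01T08:05:00Z EventID=4625 TargetUserName=jdoe IpAddress=198.51.100.9 LogonType=3",
    "2022-03-01T08:06:00Z EventID=4624 TargetUserName=jdoe IpAddress=198.51.100.9 LogonType=3",
    "garbage line the parsers do not understand",
]

# One "normalization rule" per raw format: a regex plus a mapping to common fields.
SSH_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)
WIN_RE = re.compile(
    r"^(?P<ts>\S+) EventID=(?P<eid>\d+) TargetUserName=(?P<user>\S+) IpAddress=(?P<ip>\S+)"
)


def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def normalize(line):
    """Map a raw line onto the common schema, or None if no rule matches."""
    m = SSH_RE.match(line)
    if m:
        return {
            "time": parse_ts(m["ts"]),
            "source": "sshd",
            "user": m["user"],
            "src_ip": m["ip"],
            "outcome": "success" if m["result"] == "Accepted" else "failure",
        }
    m = WIN_RE.match(line)
    if m:
        # Windows Security log: 4624 = successful logon, 4625 = failed logon.
        return {
            "time": parse_ts(m["ts"]),
            "source": "windows",
            "user": m["user"],
            "src_ip": m["ip"],
            "outcome": "success" if m["eid"] == "4624" else "failure",
        }
    return None


def normalize_all(lines):
    """Events that matched a rule, in time order; unparsed lines are dropped."""
    events = [ev for ev in map(normalize, lines) if ev is not None]
    return sorted(events, key=lambda ev: ev["time"])


def brute_force_rule(events, threshold=4, window=timedelta(seconds=60)):
    """Alarm when >= threshold failures from one source IP are followed by a
    success inside the window, whichever log source produced them.
    The alarm is tagged with the ATT&CK technique ID for Brute Force."""
    alarms = []
    recent_failures = defaultdict(list)  # src_ip -> failure timestamps
    for ev in events:
        hits = recent_failures[ev["src_ip"]]
        hits[:] = [t for t in hits if ev["time"] - t <= window]  # expire old ones
        if ev["outcome"] == "failure":
            hits.append(ev["time"])
        elif len(hits) >= threshold:
            alarms.append({
                "technique": "T1110",
                "name": "Brute Force: failures followed by success",
                "src_ip": ev["src_ip"],
                "user": ev["user"],
                "failures": len(hits),
                "time": ev["time"],
            })
            hits.clear()
    return alarms


if __name__ == "__main__":
    for alarm in brute_force_rule(normalize_all(RAW_LOGS)):
        print(alarm)
```

Because the rule keys on the normalized `src_ip` and `outcome` fields rather than on the raw text, the same logic fires whether the failures came from sshd, Windows, or a mix; that decoupling of parsing from detection is the point of normalizing first. The one-failure-then-success sequence for `jdoe` stays below the threshold and produces no alarm.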


With LogRhythm: Eliminate the blind spots

ENDPOINT, NETWORK, CLOUD, USER, LOG
Detection & Collection

"All our log sources are in one place, we are well placed to respond immediately."
– VP information security, healthcare


With LogRhythm: Stop the Attacks

MACHINE DATA INTELLIGENCE | AI & ML | STATISTICAL | SEARCH
Hybrid Security Analytics

"We now have the power to eliminate false positives, focus on the alerts we have prioritized, and quickly identify and escalate important alerts."
– IS security director, healthcare


With LogRhythm: Collaborate quickly and easily to limit damage and disruption

SECURITY ORCHESTRATION, AUTOMATION & RESPONSE (SOAR)
Incident Response

"Prior to LogRhythm, the average time to investigate and resolve a true positive incident ranged from 240 minutes to 2,160 minutes. After deployment, the range was 7.5 minutes to 90 minutes."
– Forrester Total Economic Impact Study


Predict Threats , Future Proof your Business



Predictive XDR, the future is now!
Partnered With Seclytics Augur Platform


Predictive XDR, March 2022 confirmed predictions
Partnered With Seclytics Augur Platform


LogRhythm Unstoppable Innovation



The journey to the leading NextGen SIEM Platform

Timeline 2005, 2007, 2010, 2012, 2014, 2016, 2018, 2019, with these milestones shown on the slide:
• Log Management Foundation; Patent: Log Data Processing (MPE)
• Data Processing Foundation; Content Delivery Foundation (KB)
• Unified SIEM and Log Management
• Machine-Analytics Foundation (AI Engine); Patent: Stream-based Analytics (AI Engine)
• Automation Foundation (SmartResponse)
• Endpoint Forensics (SysMon); Network Forensics (NetMon)
• NextGen UI/UX (Web Console); Elasticsearch Backend
• Behavior Analytics (AI Engine); LogRhythm UEBA; Analytics-as-a-service (CloudAI)
• LogRhythm 7.4: Automation (Playbooks); Case Management
• UserXDR; NetworkXDR

2020–2021: LogRhythm 7.7 and 7.8, with Open Collector, Web UI Improvements, Boreas, Full REST API, Elastic Upgrade, MistNet NDR, Advanced Reporting, Web SSO, NetMon 4
LogRhythm Added Value Services



LogRhythm Added Value Services (* Optional License)

LR Support
• Middle East and Africa Support is based in UAE and Egypt
• 11/5 or 24/7 Support

Professional Services
• Certified team of professionals available in multiple ME countries

Copilot Service *
• Security Module Implementation
• Continuous Security Posture Fine Tuning
• Analytical Advisor

TAM Service *
• Named Point of Contact
• Proactive Checks
• Solution Guidance
• Quarterly Reporting and Business Reviews


Deployment and Licensing Options



The Most Flexible Deployment and Licensing Options

Appliances
• Pre-staged
• Horizontal and vertical scalability
• Building-block architecture

Software
• Reference designs for dedicated hardware or virtual
• Mix and match with appliances

Cloud
• Support for private and public
• Reference designs and precreated images
• Aligns to appliance building blocks

Licensing
• Open access to full product portfolio
• Consistent, predictable purchasing model
• Full SaaS
• CapEx or OpEx

MSP Program
• Support for capex and opex models
• Shared risk, pay-as-you-grow
• User or volume

Hybrid deployments also supported


Why LogRhythm?

Know your enemy: 20 years of security experience built right into your SecOps platform delivers immediate threat detection and value.

High analyst experience: Unified experience provides an easy-to-understand timeline of events and pre-built dashboards, alerts and reports for faster results.

Denser defenses: A leader in the Gartner Magic Quadrant for 9 years, LogRhythm provides the most comprehensive SecOps technology to improve your security.

For today & tomorrow: Our technology and intelligence are continually innovating to enable your team to mitigate emerging threats.


No LogRhythm Deployment is the Same
LogRhythm in Banking

• Banking Applications Activities
• Accounts Created Information
• Fraud Visibility Dashboard
• Business Intelligence: Top Banking Logins + Top Exchange Centers

Sample Integrations | Different Industries
LogRhythm in Industrial OT

• Visualization of OT SOC
• Threat Detection of OT
• OT SOC KPIs (MTTD, MTTR)

Q&A