LogRhythm, The Security Intelligence Company, has introduced CloudAI, a technology designed to help LogRhythm customers across the globe avoid damaging cyber incidents such as high-profile data breaches. CloudAI is an advanced cloud-based security analytics offering that is available as a fully integrated, add-on subscription service for the LogRhythm Threat Lifecycle Management Platform. Initially focused on extending and enhancing LogRhythm’s existing user and entity behaviour analytics (UEBA) capabilities, CloudAI uses artificial intelligence to detect advanced threats that employ unknown attacks and unknown methods and provide security teams immediate visibility into emerging and active user-based threats.
Today, many security teams face significant challenges finding qualified personnel, and they are typically charged with doing more with fewer resources. Security teams often cannot afford to spend time on extensive manual threat-hunting exercises or deploying and managing yet another security product. CloudAI’s machine learning-driven approach automates the detection of advanced threats through self-evolving, cloud-based analytics. This approach enables security personnel to efficiently and effectively defeat the rapidly growing volume of threats targeting their organisations daily — even as attackers rapidly modify their methods and enterprise attack surfaces continue to expand.
Powered by self-evolving analytics and artificial intelligence techniques such as unsupervised machine learning, CloudAI detects emerging and advanced threats based on deep analysis of observed activities and behavioural shifts. To continuously enhance accuracy, CloudAI employs supervised machine learning and real-world feedback from LogRhythm’s global customer base. Ultimately, CloudAI’s high-accuracy threat detection is designed to reduce false positives and associated alarm fatigue, enabling security personnel to focus on prioritised risks and drive greater efficiency in the security operations centre (SOC).
“We believe artificial intelligence holds the promise to transform the accuracy of threat detection and automate broad categories of work within the SOC,” said LogRhythm CTO and Senior Vice President of Research & Development, Chris Petersen. “CloudAI has the potential to be a leap forward in the evolution of the AI-enabled SOC, giving organisations the capability to significantly improve the efficacy of their threat detection and response programs.”
CloudAI’s UEBA capabilities work in conjunction with LogRhythm’s existing scenario-based analytics and extensive library of field-proven threat models, which are designed to detect the known tactics, techniques and procedures of threat actors. When combined, the CloudAI-enhanced UEBA offering provides customers increased protection from threats utilising both known and unknown methods.
“CloudAI has allowed us to become more successful in detecting user-based threats that would have previously eluded us without the benefit of blind luck or manually sifting through an avalanche of forensic data,” said Prologis Senior Security Architect, Tyler Warren. “My team simply can’t afford to waste time pursuing false positives. CloudAI does the time-consuming work for us, allowing us to focus on the things that really matter.”
“LogRhythm is working hard to advance the state of the art of analytics by delivering a tightly-integrated artificial intelligence technology that can automate a wide variety of security tasks—including threat detection, incident response, and platform administration. This capability can help security teams do their job better,” said ESG Senior Principal Analyst, Jon Oltsik. “LogRhythm’s new CloudAI offering provides the opportunity for the company to establish itself as a leading player in the emerging User & Entity Behavioral Analytics (UEBA) market.”
CloudAI is delivered from the cloud, enabling easy and rapid customer adoption, saving time and money and providing customers access to a class of AI-enabled analytics that are not otherwise technically practical or affordable to deploy on-premise. As a subscription-based service, CloudAI can be added easily and cost-effectively to the LogRhythm platform, without the need for additional hardware or software. And its turnkey delivery streamlines administration and management, allowing security teams to focus on their core missions.
LogRhythm is the pioneer in Threat Lifecycle Management™ (TLM) technology, empowering organisations on six continents to rapidly detect, respond to and neutralise damaging cyberthreats. LogRhythm’s TLM platform unifies leading-edge data lake technology, artificial intelligence, security analytics and security automation and orchestration in a single end-to-end solution. LogRhythm serves as the foundation for the AI-enabled security operations centre, helping customers secure their cloud, physical and virtual infrastructures for both IT and OT environments. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant.