Follow LogRhythm:

 Follow LogRhythm on Twitter Visit the LogRhythm BLOG, The DiaLog

French Landing Page
Products
       One Integrated Solution
       Log and Event Management
          Log Management
          Log Analysis
          Event Management
          Intelligent IT Search
       Advanced Intelligence Engine (AI)
       SmartResponse
       File Integrity Monitoring
       Host Activity Monitoring
       Geolocation & Visualization
       Reporting
       Turnkey Appliances
       High Availability Solutions
       Software & Virtual Deployments
       Advanced Agent
       WebRhythm Remote Access
       Cisco MARS Replacement

Applications
       Overview
       Compliance
          PCI DSS Compliance
          HIPAA Compliance
          NRC GR 5.71
          NEI Compliance
          NERC CIP Compliance
          SOX Compliance
          GLBA Compliance
          FISMA Compliance
          GCSX Compliance
          Protective Monitoring: GPG13
       SIEM
       IT Optimization
       Business Intelligence
       Insider Threat/Fraud Detection
       Forensics/Investigation
       eDiscovery
       Database Monitoring

Services
       Professional Services
       LogRhythm Labs
       Training Options
          Online Instructor-Led Schedule
          Boulder Based Schedule
       Maintenance and Support

Resources
       Overview
       Prepare for NERC CIP
       Datasheets
       Use Cases
          Protective Monitoring
          Detect Advanced Threats (APTs)
          Absence of an Event
          Continuous Monitoring
          Rapid Forensics
          Advanced Correlation
          Rapid Time-to-Value
          Fraud Detection and Prevention
          Protecting Critical Assets
          Change Control
          Protecting ePHI
          Enriching Data w/ Geolocation
          Network & Process Monitoring
          Controlling Operating Costs
          Privileged User Monitoring
          Flexible Reporting
          Visualizing Log & Event Data
          Zero Day Exploits
          Architecture for Any Enterprise
       Case Studies
          Canadian Auto Association
          University of Nottingham
          Endsleigh Insurance Services
          The Share Centre
          ALPS Funds Services
          St John Ambulance
          Phoenix Sun
          Ventura
          Ascent Media Group
          Commidea
          Center for American Progress
          Fortis Bank
          Cardiff County Council
          Regis Corporation
       Compliance Solution Briefs
       Compliance White Papers
       Sample Reports
       Customer Testimonials
       3-Minute Product Demo
       In-Depth Product Demo
       Request Online Demonstration
       Multimedia
       Industry Info
       Request More Info

Partners
       Partners Overview
       Reseller Partners
       MSP/MSSP Partners
       Services and Solutions Partners
       Technology Partners
       Ecosystem Partners

Company
       Overview
       In the News
       Press Releases
          Press Releases - Current
          Press Releases 2010
          Press Releases 2009
          Press Releases 2008
       Events
       Executive Team
       Careers
       Contact
       Privacy Policy

Support
       Customer Support Portal
Schedule an Online LogRhythm Demo Download White Papers Request More Information View 3-Minute Product Demo
Resources

What sold me on LogRhythm was … the simple, straightforward way we can get real insight into our network. Everyone in IT can use it to be more effective.

 

Steve Heibein
Vice President of Technology 
Center for American Progress

Protecting Critical Assets from Data Breaches


When it comes to protecting a network, organizations need to defend critical IT assets from any potential threat – whether inside or outside of the organization. In many cases the source of the breach may not be aware of its culpability – such as the victim of stolen credentials, or a system running a Trojan horse programmed to automatically send confidential data to an unauthorized recipient.


The challenge is keeping an eye on all systems within a large, heterogeneous environment, accurately identifying improper or malicious user behavior, as well as detecting software-based breaches. While many of the systems already in place may be capable of detecting a specific category of events, it is critical to have the ability to identify any potentially malicious behavior.
Download Protecting Critical Assets 'PDF'

LogRhythm can help monitor and protect critical IT assets:

Identifying the Imposters
Challenge The larger the company, the greater the challenge in keeping track of individual users and identifying if and when an account has been compromised. Globally distributed workforces make it even more
difficult to correctly identify compromised credentials.
Solution LogRhythm can send out immediate notifications when an account is added or modified. Active Directory integration allows administrators to easily correlate authorized access with relevant activity indicating inappropriate behavior or compromised credentials.
Benefit LogRhythm’s data enrichment capabilities provide a valuable context layer that allows IT administrators to quickly identify suspicious behavior, such as a user accessing the network from a non-whitelisted location or a duplicate set of access credentials being created for a privileged user’s account.

 

Controlling the Data Flow
 Challenge Excessive data transfers may signify aberrant behavior, but determining whether transfers are suspicious or legitimate is difficult in an enterprise environment. Without backend correlation of all log and event data, many organizations have no way to tie large data transfers to specific assets.
Solution LogRhythm’s wizard-based toolset allows users to easily set up alarms to alert on data transfers meeting specific criteria such as size or frequency. Advanced filters provide additional granularity by
allowing users to identify individual assets or specific time windows.
Benefit LogRhythm’s optional agents include Data Loss Defender – providing additional security on critical assets by independently detecting and alerting on removable media usage. It can even prevent the transfer of data to an unauthorized device such as a CD/DVD or a USB thumb drive.

 

Targeting the Threat
Challenge Insider threats are not always tied to specific user behavior. In many
cases they are perpetrated by malicious software that has either been intentionally loaded onto a machineor has been installed on a vulnerable system through an external attack such as a worm or Trojan horse virus.
Solution

LogRhythm’s building block architecture and enterprise scalability allows organizations to expand at their own pace. As requirements exceed existing capacity, expansion is as simple as plugging in a new appliance.
Benefit LogRhythm can automatically alert on suspect behavior on controlled
servers and devices. This can include general activity such as non-whitelisted processes starting up, or specific blacklisted actions, including outbound file transfers or ftp services starting up.

 

 
 
© 2011 LogRhythm, Inc.    All Rights Reserved.