Wednesday October 3, 2018 0 comments
BOULDER -- LogRhythm announced the U.S. Patent and Trademark Office has granted U.S. Patent 10,091,217 to LogRhythm, acknowledging it as the creator of data monitoring methods that enable risk-based classification of data, a critical component necessary to enable security operations center (SOC) teams to focus their resources on only their most critical and impactful security events.
The patent centers around LogRhythm’s risk-based prioritization (RBP) algorithm, which uses environmental risk characteristics and threat context to assign a risk-based score to all events and alarms, the company said.
The algorithm provides out-of-the box prioritization, but can also be tuned over time based on unique organizational needs. This enables SOC teams to focus their attention on the review, and subsequent mitigation and investigation of only the most impactful security events.
LogRhythm said today’s systemic shortage of highly-skilled security staff means SOC teams have to do increasingly more with increasingly less, which is only compounded by increased expectations of driving down mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) metrics.
LogRhythm said its NextGen SIEM Platform, which currently employs these risk-based prioritization features, helps SOC teams quickly adopt a risk-based monitoring strategy to reduce alarm fatigue and effectively focus time where it matters most.
“Enterprise security operations teams are typically overwhelmed with events and alarms that might indicate a cyberthreat is active within their environment,” said Chris Petersen, LogRhythm’s co-founder, chief product and tech officer and author of the patent.
“Data breaches happen when security operations teams miss these indicators, allowing threats to persist undetected within the IT environment for weeks or even months.
“The risk-based scoring algorithms covered by this patent help security operations teams focus on threat indicators most likely to represent true risk to the enterprise. This improves operational efficiency and materially reduces the risk of experiencing a data breach or other damaging cyber incident.”