Thursday October 12, 2017 0 comments
BOULDER -- LogRhythm announced the release of CloudAI, a technology designed to help LogRhythm customers across the globe avoid damaging cyber incidents such as high-profile data breaches.
LogRhythm said CloudAI is an advanced cloud-based security analytics offering available as a fully integrated, add-on subscription service for the LogRhythm Threat Lifecycle Management Platform.
Initially focused on extending and enhancing LogRhythm’s existing user and entity behavior analytics (UEBA) capabilities, CloudAI uses artificial intelligence to detect advanced threats that employ unknown attacks and unknown methods and provide security teams immediate visibility into emerging and active user-based threats, the company said.
CloudAI’s machine learning-driven approach automates the detection of advanced threats through self-evolving, cloud-based analytics.
LogRhythm said this approach enables security personnel to efficiently and effectively defeat the rapidly growing volume of threats targeting their organizations daily — even as attackers rapidly modify their methods and enterprise attack surfaces continue to expand.
Powered by self-evolving analytics and artificial intelligence techniques such as unsupervised machine learning, CloudAI detects emerging and advanced threats based on deep analysis of observed activities and behavioral shifts.
To continuously enhance accuracy, CloudAI employs supervised machine learning and real-world feedback from LogRhythm’s global customer base.
Ultimately, CloudAI’s high-accuracy threat detection is designed to reduce false positives and associated alarm fatigue, enabling security personnel to focus on prioritized risks and drive greater efficiency in the security operations center (SOC).
“We believe artificial intelligence holds the promise to transform the accuracy of threat detection and automate broad categories of work within the SOC,” said Chris Petersen, LogRhythm CTO and senior VP of Research & Development.
“CloudAI has the potential to be a leap forward in the evolution of the AI-enabled SOC, giving organizations the capability to significantly improve the efficacy of their threat detection and response programs.”
CloudAI’s UEBA capabilities work in conjunction with LogRhythm’s existing scenario-based analytics and extensive library of field-proven threat models, which are designed to detect the known tactics, techniques and procedures of threat actors.
When combined, the CloudAI-enhanced UEBA offering provides customers increased protection from threats utilizing both known and unknown methods, the company said.
“CloudAI has allowed us to become more successful in detecting user based threats that would have previously eluded us without the benefit of blind luck or manually sifting through an avalanche of forensic data,” said Tyler Warrren, Prologis senior security architect.
“My team simply can’t afford to waste time pursuing false positives. CloudAI does the time-consuming work for us, allowing us to focus on the things that really matter.”
“LogRhythm is working hard to advance the state of the art of analytics by delivering a tightly-integrated artificial intelligence technology that can automate a wide variety of security tasks—including threat detection, incident response, and platform administration,” said Jon Oltsik, ESG senior principal analyst.
“This capability can help security teams do their job better. LogRhythm’s new CloudAI offering provides the opportunity for the company to establish itself as a leading player in the emerging User & Entity Behavioral Analytics (UEBA) market.”
LogRhythm said CloudAI is delivered from the cloud, enabling easy and rapid customer adoption, saving time and money and providing customers access to a class of AI-enabled analytics that are not otherwise technically practical or affordable to deploy on-premise.
As a subscription-based service, CloudAI can be added easily and cost-effectively to the LogRhythm platform, without the need for additional hardware or software, the company said.