Log Ingestion 101: Which Logs Should You Be Bringing Into Your SIEM?

log management, SIEM
Security Information and Event Management (SIEM) tools are indispensable in an organization’s cybersecurity framework. SIEM tools collect, analyze, and correlate log data from various devices and applications across an organization to identify suspicious activities, enhance overall security posture, and ensure…

LogRhythm Names Matthew Lowe As ANZ Country Manager

Life at LogRhythm
Former Ivanti ANZ Vice President brings extensive cloud, technology, and regional sales expertise to help accelerate momentum for cybersecurity leader
Sydney — 31 October 2023 – LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals…
Account Discovery Windows (T1087.001) | Security Spotlight

Account Discovery: Windows – Security Spotlight

Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about how adversaries may…
Monitoring BITSAdmin Misuse (T1197) | Security Spotlight

Monitoring BITSAdmin Misuse – Security Spotlight

Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about BITS, and…
SCR File Execution Using Rundll32 (T1218.011) | Security Spotlight

SCR File Execution Using Rundll32 – Security Spotlight

Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about the execution…
Detecting Raspberry Pi on the Network | Security Spotlight

Detecting Raspberry Pi on the Network – Security Spotlight

Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about the Raspberry…
Monitoring Virtual Network Computing (T1021.005) | Security Spotlight

Security Spotlight: Monitoring Virtual Network Computing

Security Spotlight
The “Security Spotlight” blog series provides insight into emerging cyberthreats and shares tips for how you can leverage LogRhythm’s security tools, services, and out-of-the-box content to defend against attacks. In this Security Spotlight, we’ll be talking about monitoring Virtual Network…
Detecting Credential Dumping within LSASS | Security Spotlight

Security Spotlight: Credential Dumping LSASS via comsvsc.dll

Security Spotlight
The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats.…
Monitoring Users Opening Malicious Files (T1024.002) | Security Spotlight

Security Spotlight: Monitoring Users Opening Malicious Files

Security Spotlight
The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats.…
Tips to Monitor Disabled and Deleted User Accounts | Security Spotlight

Security Spotlight: Tips to Monitor Disabled and Deleted User Accounts

Security Spotlight
The ‘Security Spotlight’ series of blogs is written in accompaniment with the YouTube series of the same name, which is aimed at providing quick visibility and understanding into how you can leverage the LogRhythm platform against a variety of threats.…