LogRhythm's software is making accessible a cutting-edge security concept called SOAR — security orchestration, automation and response. Courtesy LogRhythm.

LogRhythm software update to help customers SOAR above security threats

BOULDER — LogRhythm Inc., a security intelligence company, is seeing success with its latest software update, which makes cutting-edge ideas in cybersecurity more accessible.

The company’s latest software release, version 7.4 of its NextGen SIEM platform, makes it easier to use SOAR techniques — security orchestration, automation and response — a cybersecurity concept that first became popular about 18 months ago. SOAR allows the security teams of enterprise companies — companies with 500 or more employees, all of whom could be potential weak spots for security — to better handle their case management.

In a large company’s security operations center, or SOC, teams of analysts are constantly fielding potential security threats in the form of phished employees, hackers and inside threats like employees looking to embezzle funds or even those possibly being extorted by hackers for cyber espionage.

“The job of an SOC manager is 24/7, with different threats coming nonstop,” Chris Petersen, co-founder and chief product and technology officer at LogRhythm, told BizWest. “With SOAR capabilities, security analysts and teams can be more efficient keeping up with the various threats coming at them…. We make sure whatever can be automated is automated and through that automation create more throughput for teams to quickly investigate if a threat is real.”

LogRhythm’s goal is to automate as many menial tasks as possible so that teams can use human brain power for more important tasks, like being proactive and preventative in cybersecurity rather than reactive.

LogRhythm’s automation falls in two main camps: information gathering and remediation.

By automating information gathering, queries against databases containing a certain IP address or malware can be run automatically, pulling that information and providing an analyst with more context. And by automating remediation, simpler tasks like quarantining a phished employee’s account and automatically generating a password reset not only save on manpower but can also be done more quickly than if a ticket for a phished account were filed and left sitting in a pile of cases for days or even weeks, possibly jeopardizing more accounts and spreading the attack. Instead, that task can be done within minutes through automation.

LogRhythm has been implementing SOAR since it became more popular, but its latest software update looks to make it simpler and more accessible. It helps SOC teams create a playbook of exactly how they will handle security events like a phished account, and then creates a checklist of what needs to be done to eliminate that threat, complete with task assignments and deadlines. It can also automate responses to threats and provide key metrics on how a team is doing.

LogRhythm’s latest software, version 7.4, is now available to all of its customers and is seeing rapid adoption. Although the company had been building SOAR techniques into its software before this update, version 7.4 makes them even easier for customers to use and has seen great success since it was made public on Oct. 22.

“The goal of SOAR is to reduce the amount of time a team is taking in responding to incidents,” Seth Goldhammer, senior director of product marketing for LogRhythm, told BizWest. “It provides time to do more sophisticated threat-hunting exercises and allow the team to be more secure through more proactive measures instead of just responding.”
