Home > News > featured news > LogRhythm Announces Partnership with Zscaler to Address Cloud Access Security Challenges Faced by the Modern SOC

Data Security, InfoSec Project Management

LogRhythm Announces Partnership with Zscaler to Address Cloud Access Security Challenges Faced by the Modern SOC

Businesswire | April 24, 2023 | Read time : 02:00 min

LogRhythm Announces Partnershipb

LogRhythm, the company empowering security teams to navigate the ever-changing threat landscape with confidence, announced its partnership with Zscaler, the leader in cloud security. LogRhythm and Zscaler work together to help organizations around the globe increase network insight and address a variety of cloud access security challenges faced by the modern SOC. LogRhythm SIEM and the Zscaler Zero Trust Exchange™ platform provide unparalleled visibility and security to facilitate a modern Zero Trust architecture.

Zscaler secures all user, workload, and device communications over any network, anywhere. The integration with LogRhythm provides visibility into everything occurring in your network, and the websites and cloud-based resources employees are using. This level of visibility is crucial to protecting organizations. With a Zero Trust approach on many organizations’ minds, it’s imperative to have the right tools to defend against cyber threats. The LogRhythm SmartResponse™ for Zscaler Internet Access (ZIA)™ enables remediation actions from the LogRhythm console. As logs are ingested from Zscaler’s Nanolog Streaming Service (NSS) into the LogRhythm SIEM platform, the LogRhythm SmartResponse™ for Zscaler can also automatically denylist the URL in Zscaler when a banned keyword or URL is detected.

“Securing an organization’s systems and networks begins with high-fidelity and trustworthy log data. LogRhythm’s expertise in turning log data into actionable insights delivered through dashboards and analytics is unrivaled in the industry,” said Andrew Hollister, Chief Information Security Officer at LogRhythm. “The combined benefits of LogRhythm SmartResponse™ and Zscaler Internet Access facilitate modern Zero Trust architecture that is the security backbone of companies across the globe.”

The LogRhythm SmartResponse™ for Zscaler performs several actions including denylisting a URL, getting policy information, and adding a URL category. It simplifies running actions between the SIEM and Zscaler by centralizing day-to-day security tasks to a single console. Other key benefits of this integration include: Simplified ingestion and contextualization of Zscaler log data Accelerated detection of unwanted or denylisted URLs Use of a single console to investigate and block suspicious website access Faster response with enhanced investigative capabilities

“Zscaler’s Zero Trust Exchange reduces the attack surface and enforces cybersecurity policies, and this new integration with LogRhythm can help security teams with richer insights," said Amit Raikar, VP of Technology Partnerships at Zscaler. "By leveraging Zscaler APIs for cloud-to-cloud log streaming, LogRhythm customers can gather threat and policy telemetry across a hybrid workforce accessing multicloud and SaaS applications, giving analysts a complete picture from the depth of information in Zsacler logs for optimal threat hunting and investigations."

This new announcement continues LogRhythm’s impressive momentum from 2022 into this year. In addition to announcing a series of expanded capabilities and integrations for its security operations solutions, which included updates to the company’s cloud-native LogRhythm Axon platform, LogRhythm also announced its integration with SentinelOne. The integration streamlines security operations and improves response workflow, helping overwhelmed security teams cut through the noise and gain precise insights into cybersecurity threats.

About LogRhythm

LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency.

With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks.

Spotlight

Getting Started with DMARC Secure your email. Stop phishing. Protect your brand.

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

More featured news

Spotlight

Getting Started with DMARC Secure your email. Stop phishing. Protect your brand.

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

Related News

Data Security, Platform Security, Software Security

Laminar Adds SaaS and Deepens Data Warehouse Support for its Data Security Platform

Businesswire | July 20, 2023

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises. The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners. Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth. Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals. Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape. "Data security is different, and more challenging in the cloud. Shadow data is everywhere and data security pros want to know where their sensitive data is, how it is accessed, used, and protected. Whether its structured, unstructured, managed, in SaaS, data warehouse, or embedded database” said Amit Shaked, CEO and Co-Founder, Laminar. “They are not experts in SaaS/PaaS/IaaS and certainly not individual data storage services. They want visibility into all their cloud data from a single source. Our continued support for the diversity of cloud environments, including now SaaS, means customers can have a unified, consistent approach to data security.” The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Enterprise Security, Platform Security, Software Security

Detectify Improves Attack Surface Risk Visibility With New IP Addresses View

Business Wire | August 14, 2023

Detectify, the leading External Attack Surface Management platform powered by elite ethical hackers, today announced enhancements to its platform that can significantly help to elevate an organization’s visibility into its attack surface. Many organizations need help gaining visibility into the IP addresses across their whole environment. Detectify's new capabilities enable organizations to uncover unauthorized assets and ensure regulatory compliance. The attack surface has grown exponentially, not least in how decentralized organizations have become. Over 10% of Detectify customers are hosting data across three continents, illustrating how their products and services are more global than ever. Detectify also notes that 30% of their customer base is leveraging more than 5 service providers, which reflects the growing trend in vulnerabilities as a result of human errors, like server misconfigurations. Moreover, organizations are quickly expanding their digital footprint, with 73% of Detectify customers using IPv6 addresses. With the introduction of the new IP Addresses view, Detectify users gain seamless access to a comprehensive list of all IPs associated with their domains, accompanied by valuable insights, including hosting provider details, geographical locations, and Autonomous System Numbers (ASNs). This update is further complemented by interactive charts, enabling users to detect outlier countries or providers, and streamlining the process of identifying potential security concerns. "It's not uncommon for our customers to encounter instances where unauthorized geolocations are used to spin up new machines or witness sudden spikes in hosting activities from approved countries,” said Danwei Tran Luciani, Interim VP of Product at Detectify. “These anomalies can expose organizations to risk, particularly when traditional automated detection methods fall short. Our new IP Addresses view empowers security teams to proactively address these challenges, strengthening their overall cybersecurity posture." Detectify's new IP Addresses view provides security teams with tangible benefits to navigate complex attack surfaces, such as: Uncovering unauthorized assets: For organizations with large attack surfaces, this capability allows users to identify unauthorized assets hosted by unapproved vendors. By instantly detecting an asset being hosted by a non-approved provider, security teams can take swift action and mitigate potential threats. Ensuring regulatory compliance: For businesses operating in highly regulated environments where compliance is paramount, the new view is critical in determining the hosting locations of specific customer data. This enhanced visibility ensures adherence to regulatory requirements and fortifies data privacy measures. The new IP Addresses view is now available to all Detectify customers, reinforcing the company's commitment to empowering security teams with cutting-edge solutions to safeguard organizations’ ever-evolving attack surfaces. For more information visit www.detectify.com About Detectify Detectify sets the standard for External Attack Surface Management (EASM), providing 99.7% accurate vulnerability assessments. Product security and AppSec teams trust Detectify to expose exactly how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks crowdsourced through its global community of elite ethical hackers, exposing critical weaknesses before it’s too late. Go hack yourself: detectify.com.

Read More

Enterprise Security, Platform Security, Software Security

ZeroFox Contributes to Open Source Amass Project to Help Businesses Manage Their External Attack Surface

Globenewswire | July 21, 2023

ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, highlights its recent contributions to the OWASP Amass Project in an ongoing effort to give businesses and government entities better visibility to their full external attack surface asset ecosystem. The recent additions to the project from the ZeroFox team provide more advanced tool sets for analysts to discover and catalog their internet-facing assets and exposures. The contributions create a new standard framework to lead the industry in a more cohesive approach to attack surface management. As organizations face increasingly sophisticated cyber threats, understanding and managing their external attack surface has become paramount. By leveraging its expertise in external cybersecurity, ZeroFox identified a critical gap in the attack surface management landscape and responded by spearheading the development of the Open Asset Model and Asset Database within the OWASP Amass Project. The Open Asset Model and Asset Database contributions offer security analysts a unified and structured approach to identifying and managing potential vulnerabilities outside the perimeter. The Open Asset Model provides a new standard for asset definitions, representing a comprehensive framework for describing and categorizing diverse internet-facing assets. The Amass community can quickly adapt the model to include new types of assets exposed on the Internet, and their relationships to each other, for more accurate discovery, tracking, monitoring, and management. The Asset Database implements this model, offering the database interaction layer to store discovered assets in the popular sqlite3 and PostgreSQL database management systems. The Asset Database will foster the development of an ecosystem of scanning and analysis tools, allowing them to store and analyze assets from the Open Asset Model and their relationships. These contributions directly benefit both existing Amass users and the broader attack surface management community in an effort to standardize asset definitions. The new standards now provide the information security community with a consistent and predictable format when transferring data describing external attack surfaces. "We are thrilled to contribute to the OWASP Amass Project and provide the security community with cutting-edge tools for Attack Surface Management," said Jeff Foley, VP of Research at ZeroFox. "By leveraging the power of open source, we aim to expand access to advanced cybersecurity capabilities, helping organizations proactively defend against emerging threats." These engineering contributions represent a continued commitment by ZeroFox to the open source community, OWASP, and the Amass Project. ZeroFox will continue to contribute to the Amass Project in an effort to enable the discovery, management, and protection of the external attack surface. By sharing its expertise and resources, ZeroFox aims to foster collaboration and innovation within the information security community, ultimately making the digital landscape safer for all users. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

Data Security, Platform Security, Software Security

Laminar Adds SaaS and Deepens Data Warehouse Support for its Data Security Platform

Businesswire | July 20, 2023

Laminar, the leading agile data security platform provider, today announced it has added Microsoft SharePoint Online and Google BigQuery to its existing support for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and Snowflake. The additions make the Laminar Data Security Platform the first and only cloud-native data security solution to support all major cloud service providers (CSPs), leading data warehouses, and common software-as-a-service (SaaS) applications used by today’s top enterprises. The cloud’s limitless potential is rooted in the data that an organization has, and what they do with it. To power innovation, 94% of enterprises use cloud services and applications. Microsoft SharePoint is the third most popular enterprise application, with 65% of its users adopting the cloud version, SharePoint Online. Employees routinely collaborate on shared content, and developers work with it as well to automate business processes, track progress, and share information across departments or with partners. Similarly, Google BigQuery is one of the top three data warehouse solutions. It is a powerful analytics platform that excels at processing and analyzing massive volumes of data quickly and efficiently. With its scalable architecture and advanced querying capabilities, BigQuery enables organizations to gain valuable insights from their data in real time, empowering data-driven decision-making and accelerating business growth. Both solutions enable developers, data scientists, and other innovators to be creative and extract the maximum value from their operational data. For instance, business intelligence staff may use these tools to analyze customer purchase patterns or sales trends, while data scientists may look out for hidden associations within the data to inform new strategies. Unfortunately, these same activities also open organizations up to significant risk by generating unknown or “shadow” data — a top concern for 93% of data security and governance professionals. Data security needs to be agnostic to the infrastructure in which data resides. Security posture must also travel with the data, as it moves through the cloud and the related data warehouses and applications. By adding support for Microsoft SharePoint Online and Google BigQuery, customers using the Laminar Data Security Platform can now discover, classify, and secure data in even more environments. Thus, data security and governance teams can see and secure their organizations’ data consistently across the entire digital landscape. "Data security is different, and more challenging in the cloud. Shadow data is everywhere and data security pros want to know where their sensitive data is, how it is accessed, used, and protected. Whether its structured, unstructured, managed, in SaaS, data warehouse, or embedded database” said Amit Shaked, CEO and Co-Founder, Laminar. “They are not experts in SaaS/PaaS/IaaS and certainly not individual data storage services. They want visibility into all their cloud data from a single source. Our continued support for the diversity of cloud environments, including now SaaS, means customers can have a unified, consistent approach to data security.” The news continues Laminar’s ongoing product innovation, following the announcement of support for GCP and Snowflake, as well as data detection and response (DDR) and data access governance (DAG) capabilities. About Laminar Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.

Read More

Enterprise Security, Platform Security, Software Security

Detectify Improves Attack Surface Risk Visibility With New IP Addresses View

Business Wire | August 14, 2023

Detectify, the leading External Attack Surface Management platform powered by elite ethical hackers, today announced enhancements to its platform that can significantly help to elevate an organization’s visibility into its attack surface. Many organizations need help gaining visibility into the IP addresses across their whole environment. Detectify's new capabilities enable organizations to uncover unauthorized assets and ensure regulatory compliance. The attack surface has grown exponentially, not least in how decentralized organizations have become. Over 10% of Detectify customers are hosting data across three continents, illustrating how their products and services are more global than ever. Detectify also notes that 30% of their customer base is leveraging more than 5 service providers, which reflects the growing trend in vulnerabilities as a result of human errors, like server misconfigurations. Moreover, organizations are quickly expanding their digital footprint, with 73% of Detectify customers using IPv6 addresses. With the introduction of the new IP Addresses view, Detectify users gain seamless access to a comprehensive list of all IPs associated with their domains, accompanied by valuable insights, including hosting provider details, geographical locations, and Autonomous System Numbers (ASNs). This update is further complemented by interactive charts, enabling users to detect outlier countries or providers, and streamlining the process of identifying potential security concerns. "It's not uncommon for our customers to encounter instances where unauthorized geolocations are used to spin up new machines or witness sudden spikes in hosting activities from approved countries,” said Danwei Tran Luciani, Interim VP of Product at Detectify. “These anomalies can expose organizations to risk, particularly when traditional automated detection methods fall short. Our new IP Addresses view empowers security teams to proactively address these challenges, strengthening their overall cybersecurity posture." Detectify's new IP Addresses view provides security teams with tangible benefits to navigate complex attack surfaces, such as: Uncovering unauthorized assets: For organizations with large attack surfaces, this capability allows users to identify unauthorized assets hosted by unapproved vendors. By instantly detecting an asset being hosted by a non-approved provider, security teams can take swift action and mitigate potential threats. Ensuring regulatory compliance: For businesses operating in highly regulated environments where compliance is paramount, the new view is critical in determining the hosting locations of specific customer data. This enhanced visibility ensures adherence to regulatory requirements and fortifies data privacy measures. The new IP Addresses view is now available to all Detectify customers, reinforcing the company's commitment to empowering security teams with cutting-edge solutions to safeguard organizations’ ever-evolving attack surfaces. For more information visit www.detectify.com About Detectify Detectify sets the standard for External Attack Surface Management (EASM), providing 99.7% accurate vulnerability assessments. Product security and AppSec teams trust Detectify to expose exactly how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks crowdsourced through its global community of elite ethical hackers, exposing critical weaknesses before it’s too late. Go hack yourself: detectify.com.

Read More

Enterprise Security, Platform Security, Software Security

ZeroFox Contributes to Open Source Amass Project to Help Businesses Manage Their External Attack Surface

Globenewswire | July 21, 2023

ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, highlights its recent contributions to the OWASP Amass Project in an ongoing effort to give businesses and government entities better visibility to their full external attack surface asset ecosystem. The recent additions to the project from the ZeroFox team provide more advanced tool sets for analysts to discover and catalog their internet-facing assets and exposures. The contributions create a new standard framework to lead the industry in a more cohesive approach to attack surface management. As organizations face increasingly sophisticated cyber threats, understanding and managing their external attack surface has become paramount. By leveraging its expertise in external cybersecurity, ZeroFox identified a critical gap in the attack surface management landscape and responded by spearheading the development of the Open Asset Model and Asset Database within the OWASP Amass Project. The Open Asset Model and Asset Database contributions offer security analysts a unified and structured approach to identifying and managing potential vulnerabilities outside the perimeter. The Open Asset Model provides a new standard for asset definitions, representing a comprehensive framework for describing and categorizing diverse internet-facing assets. The Amass community can quickly adapt the model to include new types of assets exposed on the Internet, and their relationships to each other, for more accurate discovery, tracking, monitoring, and management. The Asset Database implements this model, offering the database interaction layer to store discovered assets in the popular sqlite3 and PostgreSQL database management systems. The Asset Database will foster the development of an ecosystem of scanning and analysis tools, allowing them to store and analyze assets from the Open Asset Model and their relationships. These contributions directly benefit both existing Amass users and the broader attack surface management community in an effort to standardize asset definitions. The new standards now provide the information security community with a consistent and predictable format when transferring data describing external attack surfaces. "We are thrilled to contribute to the OWASP Amass Project and provide the security community with cutting-edge tools for Attack Surface Management," said Jeff Foley, VP of Research at ZeroFox. "By leveraging the power of open source, we aim to expand access to advanced cybersecurity capabilities, helping organizations proactively defend against emerging threats." These engineering contributions represent a continued commitment by ZeroFox to the open source community, OWASP, and the Amass Project. ZeroFox will continue to contribute to the Amass Project in an effort to enable the discovery, management, and protection of the external attack surface. By sharing its expertise and resources, ZeroFox aims to foster collaboration and innovation within the information security community, ultimately making the digital landscape safer for all users. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

More featured news