Home > News > featured news > LogRhythm Partners with SentinelOne to Accelerate Prevention, Detection and Response for Enterprise Environments

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

LogRhythm Partners with SentinelOne to Accelerate Prevention, Detection and Response for Enterprise Environments

LogRhythm | December 20, 2022 | Read time : 03:50 min

LogRhythm Partners with SentinelOne to Accelerate Prevention
LogRhythm, the company empowering security teams to defend against an ever-evolving threat landscape today announced its partnership with SentinelOne, an autonomous cybersecurity platform company. Together, LogRhythm and SentinelOne provide an integrated enterprise security solution to prevent, detect, and respond to threats in your environment. The combined solution streamlines security operations and improves response workflow, helping overwhelmed security teams cut through the noise and gain precise insights into cybersecurity threats.

Legacy solutions have been unable to keep up with the speed, sophistication, and scope of attacks, in which organizations lack the context and global visibility necessary to address these challenges, leaving them vulnerable to attacks. To remain on top of threats, it's essential for enterprises to understand what's occurring in their network and across their endpoints. However, without a centralized way to collect and action log data, that mission can be overwhelming for security teams.

“We are thrilled to formally announce our integration with SentinelOne. This partnership brings together two remarkable platforms that will provide our customers with incomparable visibility for analysts, allowing them to cut through the noise, and recognize and respond to incidents more quickly and effectively. “LogRhythm is committed to helping customers defend themselves against cyberattacks and we will continue to do so by partnering with leading and innovative cybersecurity companies to expand our offerings.”

Andrew Hollister, Chief Information Security Officer at LogRhythm

LogRhythm’s security analytics automatically incorporate rich endpoint telemetry from SentinelOne, enabling real-time threat protection and providing in-depth analytics for comprehensive security monitoring. LogRhythm SmartResponse™ capability leverages the SentinelOne API to effect automated response to malicious activities, such as automatically blacklisting hash values, or disconnecting affected machines from the network, as well as providing capabilities to collect additional information during an investigation. SmartResponse actions may be triggered directly by an Analytic running in LogRhythm’s patented Analytics Engine, or manually launched by an Analyst from the Web Console.

Key benefits of this integration include:

  • Expanded Visibility: Centralize data collection with events from SentinelOne managed user endpoints and cloud workloads
  • Focused automation: Initiate automatic endpoint mitigation with LogRhythm SmartResponse actions
  • Reduced Complexity: Prebuilt integrations and dashboards streamline SOC operations and improve ROI

“Our XDR strategy incorporates the integrations and technologies SentinelOne customers value. We’re excited about our partnership with LogRhythm,” said Yonni Shelmerdine, VP XDR Product Management at SentinelOne. “LogRhythm offers extensive support for - and integration across - the Singularity XDR platform, helping our customers from around the globe protect against modern cyberattacks and reduce risk.”

This announcement marks yet another milestone in the company’s momentous year. In addition to the release of LogRhythm Axon earlier this Fall, a groundbreaking, cloud-native security operations platform, LogRhythm also recently announced its integration with Gigamon that provides customers with a comprehensive view of network traffic.

About LogRhythm
LogRhythm helps busy and lean security operations teams save the day — day after day. There’s a lot riding on the shoulders of security professionals — the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources — the weight of protecting the world.

LogRhythm helps lighten this load. The company is on the frontlines defending against many of the world’s most significant cyberattacks and empowers security teams to navigate an ever-changing threat landscape with confidence. As allies in the fight, LogRhythm combines a comprehensive and flexible security operations platform, technology partnerships, and advisory services to help SOC teams close the gaps. Together, LogRhythm and our customers are ready to defend.

About SentinelOne
SentinelOne’s cybersecurity solution encompasses AI-powered prevention, detection, response and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform.

Spotlight

Cequence Unified API Protection

The only API protection solution that eliminates unknown and unmitigated API security risks across all phases of the API security lifecycle.

More featured news

Spotlight

Cequence Unified API Protection

The only API protection solution that eliminates unknown and unmitigated API security risks across all phases of the API security lifecycle.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Announces Serverless Support Expansion

Contrast Security | February 24, 2023

On February 23, 2023, Contrast Security, a leading code security platform, announced the expansion of its contrast serverless application security tool, Contrast Serverless, to support Microsoft Azure Functions and allow customers to quickly scan for security vulnerabilities across multi-cloud environments. While serverless and cloud-native development gains popularity, organizations struggle to determine which applications are fully secured due to the 'shared responsibility security model' of public cloud providers, particularly in the case of multi-cloud IT strategies. Contrast Serverless addresses the needs of such organizations by providing a new security tool that is specifically designed to evaluate serverless risks while identifying common vulnerabilities (CVEs), detecting misconfigurations, and revealing user privilege issues, all within a single interface. "Data shows 74% of infrastructure decision-makers at firms that are adopting public cloud use two or more public clouds and 17% are using five or more. Therefore, it's no surprise that 82% of cloud users have experienced security events due to confusion over shared responsibility security models." (Avoid the Security Inconsistency Pitfalls Transitioning to Serverless 2022 Report) The addition of Microsoft Azure Functions support to the Contrast Serverless platform allows organizations to evaluate the risk of their serverless applications across Microsoft and Amazon Web Services (AWS) from a single offering. The tool provides complete visibility of cloud-native serverless functions, allowing the AppSec team to continuously monitor the organization's serverless posture. It also allows organizations to scan open source dependencies for vulnerabilities in applications and custom code, detect misconfigurations, and identify the least privilege issues based on Microsoft Azure function policy roles and active directory configurations. Additionally, the tool can generate a contextual Microsoft Azure Functions risk score based on the abovementioned methods, enabling teams to address the most significant risk issues first. It also has the ability to apply remediation on function code in both AWS and Microsoft Azure environments. About Contrast Security Contrast Security is a renowned platform for code security, purposefully designed for developers to ensure swift and secure code movement while being trusted by security teams to safeguard business applications. It allows developers, security, and operations teams can quickly secure code across the entire Software Development Life Cycle (SDLC) and protect against targeted Application Security (AppSec) attacks. The company was founded in 2014 by cybersecurity industry veterans with the aim of replacing legacy AppSec solutions that cannot protect modern enterprises. The company's clientele includes some of the most prominent brands, such as BMW, Sompo Japan, DocuSign, AXA, Zurich, American Red Cross, and numerous other Fortune 500 enterprises globally.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Varonis Introduces Automated Posture Management to Fix Cloud Security Risks

Varonis | January 27, 2023

On January 26, 2023, Varonis Systems, Inc., a leader in data security and analytics, announced the availability of automated posture management to assist clients in resolving security and compliance gaps spanning their SaaS and IaaS systems. Varonis continuously scans, identifies, and ranks cloud security threats, providing CISOs and compliance officers with real-time insight into their data security posture. With this new automation option, users can fix misconfigurations in applications such as Salesforce and AWS with a single click from a unified interface. According to Gartner, through 2025, 99% of cloud security breaches will be the customer's fault. CIOs can counter this by adopting and enforcing rules for cloud ownership, accountability, and risk acceptance. Varonis Field CTO, Brian Vecci, said, “Automated posture management takes the burden of understanding and remediating cloud misconfigurations off the customer.” He also said, “We stay on top of the latest configuration risks and best practices, so you don’t have to. Now, we can not only show you exactly how to improve your security posture, but we can also automatically mitigate risk on your behalf.” (Source – GlobeNewswire) This release marks a significant advancement in cloud data security. Passive data security posture management (DSPM) solutions need manual operations to generate help desk tickets for a person to review and fix in every cloud application manually. Varonis offers a uniform and automated method for minimizing the attack surface of multi-cloud environments. Automated posture management is the most recent tool introduced by Varonis to simplify data security outcomes. Varonis introduced least privilege automation for Google Drive, Microsoft 365, and Box, as well as a new data security posture management (DSPM) dashboard early this month. About Varonis Varonis is a leader in data security and analytics, waging war differently from typical cybersecurity corporations. Instead, Varonis focuses on protecting business data like: Sensitive files and emails Strategic and product plans Financial records Confidential customer, patient, and employee data In addition to data protection, Zero Trust, data governance, compliance, categorization, data privacy, and threat detection and response, Varonis solutions handle various other critical use cases. The company began operations in 2005 and has clients in the financial services, healthcare, industrial, energy and utilities, insurance, technology, media and entertainment, consumer and retail, and education industries, among others.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Filecloud Introduces the Industry First Zero Trust File Sharing℠

FileCloud | January 11, 2023

On January 10, 2023, FileCloud announced the addition of Zero Trust File Sharing, bringing another layer of hyper-security to the market's most robust content collaboration platform. The latest, Zero Trust File Sharing, enables users to collaborate securely with employees along with other personnel, including external partners, vendors and clients. This functionality extends beyond modulating share permissions or setting Data Loss Prevention (DLP) policies. Zero Trust File Sharing will become increasingly crucial for enterprises and organizations that handle sensitive or protected data, such as Personally Identifiable Information (PII) and Confidential Unclassified Information (CUI). The emergence of cloud service technologies, remote access applications, and disappearing network edges have revealed multiple vulnerabilities in perimeter-based IT security models. The Zero Trust framework, built on a system of least privilege, provides a more resilient and adaptable approach that imposes identity authentication, regardless of where or how the request for access gets derived. The U.S. Department of Defense has recently come up with a Zero Trust Strategy and Roadmap to eventually cover all U.S. government departments, which is likely to be adopted by the private sector. As a result, critical infrastructure sectors are ideal candidates for integrating Zero Trust File Sharing to protect their information systems from increasingly sophisticated cyberattacks launched by nation-states. FileCloud's Zero Trust support enables enterprises to have an added layer of security on top of FileCloud's built-in access controls. The data within the environment is secured using a Zip file structure and password protection. The user can also set a Zero Trust password and create a sharing link to a file or folder. The data remains inaccessible without this password, even with a shared direct link or in case of a data breach. Furthermore, the data remains protected by password-based encryption even if the Zero Trust protected folder is accessed via unauthorized means, including social engineering techniques. Users who access the data with the Zero Trust password will also be restricted in their ability to edit or manipulate the data contained within the Zero Trust folder based on the share permissions. About FileCloud Headquartered in Austin, Texas, FileCloud is a leading hyper-secure content collaboration platform (CCP) providing data governance, industry-leading compliance, data leak protection, data retention and digital rights management capabilities to millions of users worldwide. Its complete CCP stack includes workflow automation and granular control of content sharing across most enterprise platforms. The platform offers powerful file sharing, mobile access and synchronization capabilities on public, private, and hybrid clouds to customers, including top Global 1000 enterprises, government organizations, educational institutions and managed service providers.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Contrast Security Announces Serverless Support Expansion

Contrast Security | February 24, 2023

On February 23, 2023, Contrast Security, a leading code security platform, announced the expansion of its contrast serverless application security tool, Contrast Serverless, to support Microsoft Azure Functions and allow customers to quickly scan for security vulnerabilities across multi-cloud environments. While serverless and cloud-native development gains popularity, organizations struggle to determine which applications are fully secured due to the 'shared responsibility security model' of public cloud providers, particularly in the case of multi-cloud IT strategies. Contrast Serverless addresses the needs of such organizations by providing a new security tool that is specifically designed to evaluate serverless risks while identifying common vulnerabilities (CVEs), detecting misconfigurations, and revealing user privilege issues, all within a single interface. "Data shows 74% of infrastructure decision-makers at firms that are adopting public cloud use two or more public clouds and 17% are using five or more. Therefore, it's no surprise that 82% of cloud users have experienced security events due to confusion over shared responsibility security models." (Avoid the Security Inconsistency Pitfalls Transitioning to Serverless 2022 Report) The addition of Microsoft Azure Functions support to the Contrast Serverless platform allows organizations to evaluate the risk of their serverless applications across Microsoft and Amazon Web Services (AWS) from a single offering. The tool provides complete visibility of cloud-native serverless functions, allowing the AppSec team to continuously monitor the organization's serverless posture. It also allows organizations to scan open source dependencies for vulnerabilities in applications and custom code, detect misconfigurations, and identify the least privilege issues based on Microsoft Azure function policy roles and active directory configurations. Additionally, the tool can generate a contextual Microsoft Azure Functions risk score based on the abovementioned methods, enabling teams to address the most significant risk issues first. It also has the ability to apply remediation on function code in both AWS and Microsoft Azure environments. About Contrast Security Contrast Security is a renowned platform for code security, purposefully designed for developers to ensure swift and secure code movement while being trusted by security teams to safeguard business applications. It allows developers, security, and operations teams can quickly secure code across the entire Software Development Life Cycle (SDLC) and protect against targeted Application Security (AppSec) attacks. The company was founded in 2014 by cybersecurity industry veterans with the aim of replacing legacy AppSec solutions that cannot protect modern enterprises. The company's clientele includes some of the most prominent brands, such as BMW, Sompo Japan, DocuSign, AXA, Zurich, American Red Cross, and numerous other Fortune 500 enterprises globally.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Varonis Introduces Automated Posture Management to Fix Cloud Security Risks

Varonis | January 27, 2023

On January 26, 2023, Varonis Systems, Inc., a leader in data security and analytics, announced the availability of automated posture management to assist clients in resolving security and compliance gaps spanning their SaaS and IaaS systems. Varonis continuously scans, identifies, and ranks cloud security threats, providing CISOs and compliance officers with real-time insight into their data security posture. With this new automation option, users can fix misconfigurations in applications such as Salesforce and AWS with a single click from a unified interface. According to Gartner, through 2025, 99% of cloud security breaches will be the customer's fault. CIOs can counter this by adopting and enforcing rules for cloud ownership, accountability, and risk acceptance. Varonis Field CTO, Brian Vecci, said, “Automated posture management takes the burden of understanding and remediating cloud misconfigurations off the customer.” He also said, “We stay on top of the latest configuration risks and best practices, so you don’t have to. Now, we can not only show you exactly how to improve your security posture, but we can also automatically mitigate risk on your behalf.” (Source – GlobeNewswire) This release marks a significant advancement in cloud data security. Passive data security posture management (DSPM) solutions need manual operations to generate help desk tickets for a person to review and fix in every cloud application manually. Varonis offers a uniform and automated method for minimizing the attack surface of multi-cloud environments. Automated posture management is the most recent tool introduced by Varonis to simplify data security outcomes. Varonis introduced least privilege automation for Google Drive, Microsoft 365, and Box, as well as a new data security posture management (DSPM) dashboard early this month. About Varonis Varonis is a leader in data security and analytics, waging war differently from typical cybersecurity corporations. Instead, Varonis focuses on protecting business data like: Sensitive files and emails Strategic and product plans Financial records Confidential customer, patient, and employee data In addition to data protection, Zero Trust, data governance, compliance, categorization, data privacy, and threat detection and response, Varonis solutions handle various other critical use cases. The company began operations in 2005 and has clients in the financial services, healthcare, industrial, energy and utilities, insurance, technology, media and entertainment, consumer and retail, and education industries, among others.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Filecloud Introduces the Industry First Zero Trust File Sharing℠

FileCloud | January 11, 2023

On January 10, 2023, FileCloud announced the addition of Zero Trust File Sharing, bringing another layer of hyper-security to the market's most robust content collaboration platform. The latest, Zero Trust File Sharing, enables users to collaborate securely with employees along with other personnel, including external partners, vendors and clients. This functionality extends beyond modulating share permissions or setting Data Loss Prevention (DLP) policies. Zero Trust File Sharing will become increasingly crucial for enterprises and organizations that handle sensitive or protected data, such as Personally Identifiable Information (PII) and Confidential Unclassified Information (CUI). The emergence of cloud service technologies, remote access applications, and disappearing network edges have revealed multiple vulnerabilities in perimeter-based IT security models. The Zero Trust framework, built on a system of least privilege, provides a more resilient and adaptable approach that imposes identity authentication, regardless of where or how the request for access gets derived. The U.S. Department of Defense has recently come up with a Zero Trust Strategy and Roadmap to eventually cover all U.S. government departments, which is likely to be adopted by the private sector. As a result, critical infrastructure sectors are ideal candidates for integrating Zero Trust File Sharing to protect their information systems from increasingly sophisticated cyberattacks launched by nation-states. FileCloud's Zero Trust support enables enterprises to have an added layer of security on top of FileCloud's built-in access controls. The data within the environment is secured using a Zip file structure and password protection. The user can also set a Zero Trust password and create a sharing link to a file or folder. The data remains inaccessible without this password, even with a shared direct link or in case of a data breach. Furthermore, the data remains protected by password-based encryption even if the Zero Trust protected folder is accessed via unauthorized means, including social engineering techniques. Users who access the data with the Zero Trust password will also be restricted in their ability to edit or manipulate the data contained within the Zero Trust folder based on the share permissions. About FileCloud Headquartered in Austin, Texas, FileCloud is a leading hyper-secure content collaboration platform (CCP) providing data governance, industry-leading compliance, data leak protection, data retention and digital rights management capabilities to millions of users worldwide. Its complete CCP stack includes workflow automation and granular control of content sharing across most enterprise platforms. The platform offers powerful file sharing, mobile access and synchronization capabilities on public, private, and hybrid clouds to customers, including top Global 1000 enterprises, government organizations, educational institutions and managed service providers.

Read More

More featured news