Threat Intelligence & Incident Response

ManageEngine announced the launch of Log360

  • Outsmarts malicious actors by leveraging contextual data from AD and UEBA to deconstruct the exploit triad: users, entities and processes
  • Neutralizes threats with acorrelation package containing rules for detecting prevalent attacker toolsand living off the land (LOTL) threats
  • Explore the new version of Log360 now: https://mnge.it/iwb

ManageEngine, the enterprise IT management division of Zoho Corporation, today announced the release of a unique, ML-powered exploit triad analytics feature in its SIEM solution, Log360.

Now, enterprises can knowledgeably trace the path of adversaries and mitigate breaches by providing complete contextual visibility into the exploit triad: users, entities and processes. The feature update was unveiled at the ManageEngine User Conference at The Ritz-Carlton, Dubai International Financial Centre in the United Arab Emirates.

Addressing the Critical Need for Faster Breach Response

“Today’s cyberthreats masterfully blend into the fabric of legitimate activity, weaponizing stolen credentials, mimicking trusted processes and exploiting human vulnerabilities. These insidious tactics create a critical challenge: an extended data breach life cycle. It takes an alarming 277 days to identify and contain a data breach, with expenses surging by 23% after surpassing the 200-day mark. Manual, unguided threat analysis is a losing battle—a labyrinth of multi-tool chaos,” said Manikandan Thangaraj, vice president of ManageEngine.

“By offering a dynamic tapestry of insights into user attributes, process lineage and threat intelligence, Log360’s ML-powered exploit triad analytics transcends from merely assisting detection to enabling better comprehension. This makes it a game-changer in reducing the breach life cycle,” said Thangaraj.

Highlights of ML-powered Exploit Triad Analytics

Log360’s threat detection and incident response (TDIR) module, Vigil IQ, features a dual-layered threat detection system released last year. With today’s announcement, security takes a step further with advanced analytics offering deeper insights and faster response times.

  • A three-way threat hunting core: User, device and process analytics are unified on a single console that allows security professionals to delve deep into investigation as they traverse through the Incident Workbench.
  • ML-powered contextual data enrichment: Log360’s in-depth contextual analysis incorporates insights from UEBA; process tree visualization; and the risk scoring of IPs, URLs and domains.
  • A process hunting suite: The process flow probing capability on the Incident Workbench and the correlation rules for the spawning of suspicious processes together create a complete suite for process hunting.

Empowering the cyber investigation dashboard, the latest iteration of Vigil IQ also enhances threat detection capabilities with the introduction of the following features:

  • A correlation package for prevalent attacker tools and LOTL threats: Augmenting the Incident Workbench, the solution also enhances the threat detection capabilities of Vigil IQ with more than 100 out-of-the-box correlation rules for effective detection of prevalent attacker tools in the environment and LOTL attacks.
  • An integration with VirusTotal: The scope of theAdvanced Threat Analytics feature has expanded via an integration with VirusTotal, one of the leading threat intelligence services, for enhanced visibility into external threats and risk analysis.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

CardinalOps Launches MITRE ATT&CK Security Layers

PR Newswire

Searchlight Cyber launched a new Exposure Data view in DarkIQ

Business Wire

CloudShark Integrates with Palo Alto Networks Cortex XSOAR to Accelerate Incident Response

PR Newswire