New release improves situational awareness, usability, and automated response

Last week may have been the all-time high-point for security management with McAfee’s acquisition of Nitro Security followed by IBM’s purchase of Q1 Labs. Why all of the activity? Security management requirements are rapidly changing, moving away from log filtering and compliance reporting to comprehensive situational awareness and deep analytics. To their credit, McAfee and IBM recognized these changes and used cash to jump into the pool.

Continuing the security management momentum, Colorado-based LogRhythm announced version 6.0 of its SIEM platform this week. The news may not seem as big as two major acquisitions, but LogRhythm’s new release really exemplifies what’s needed for next-generation SIEM platforms, such as:

1. Deep situational awareness. Old-school SIEM kept track of log events generated by perimeter security devices or across the network. This is no longer the case. In its new release, LogRhythm expands its view to monitor traffic, events, and anomalies across networks, hosts, and user behavior. You can then use this information for analysis, forensic investigations, or IT operations planning. Given the scaling needs associated with collecting and analyzing massive amounts of data, LogRhythm also bolstered performance in its new release.

2. Canned rule sets. Even large well-funded organizations are struggling to recruit and retain security professionals with advanced skills. In fact, ESG Research indicates that 22% of mid-market (i.e. 100-999 employees) and enterprise (i.e. 1,000 employees or more) organizations have a problematic shortage of information security skills. LogRhythm 6.0 addresses the skills gap with technology by embedding “knowledge modules” tailored to different use cases or specific user functions.

3. Automated response. Soon-to-be published ESG Research indicates that large organizations are actively automating more and more security remediation activities — especially in light of increasingly sophisticated attacks. LogRhythm demonstrates that it gets this requirement by adding “SmartRemediation” automation to its 6.0 offering.

I’ve heard that LogRhythm has really grown revenue over the past few years and I now understand why — the company’s 6.0 revision is in the sweet spot of a big and lucrative market transition.