Date: 14 December, 2020
LogRhythm, the company powering today’s security operations centres (SOCs), and Connectis, the global IT services group, today announced a further commitment to the partnership that sees LogRhythm’s industry leading SIEM solution integrated into Connectis’ managed security offerings globally.
The combination of Connectis’ 24×7 security service offerings and the market leading LogRhythm platform offers customers the peace of mind that their environments are being continually monitored by a team of experts using cutting edge toolsets for faster and more accurate incident identification and mitigation.
The partnership allows the companies to tightly integrate LogRhythm’s SIEM solution – winner of SC Awards Europe 2020, Best SIEM Solution – with Connectis data processing and storage, located in the EU and meeting all GDPR regulatory requirements. The standard Connectis offering is a highly cost-efficient, multi-tenant solution, with dedicated cloud. On-premises deployments are available for clients with specific needs.
Connectis’ security operations centre, located in Barcelona, is underpinned by LogRhythm’s collection, parsing, processing and long-term storage of logs from a wide range of log sources, with support for over 850 sources (such as Windows, Linux, syslog, Cloud and flow data) and the possibility to create custom parsers to extend this.
LogRhythm’s unique Machine Data Intelligence framework with over 600,000 normalisation rules provides scaling and efficiency. To feed into this, Connectis has developed a Configuration Management Framework to map full lifecycle requirements for log generation, collection and processing that is both effective and mindful of cost.
In turn, the output from rule-based processing will identify specific security events and trigger alarms using Connectis’ MITRE ATT&CK based detection playbook. This transforms a data lake of billions of logs into a manageable number of alarms for enrichment with threat intelligence and processing by dedicated security analysts.
The output also provides the insights needed to report against a wide range of compliance frameworks, including Connectis’ advanced ISO27001 report, which provides both top-level control outcome summaries and highly granular drill-down on individual control data with analyst findings.
“We are excited to extend this partnership with LogRhythm, one of the most successful and fastest growing security operations companies of our time. Together we are much more than the sum of our parts, and we will innovate and build capabilities for the benefit of Connectis’ customers.”
Harsha Gowda, CTO of Connectis
“We pride ourselves on having the most advanced NextGen SIEM platform, which offers comprehensive analytics and security orchestration, automation and response (SOAR) in a single platform. The integration of our award-winning SIEM with Connectis’ SOC will open up a range of exciting security benefits for Connectis’ customers both now and in the future.”
Martin Landless, VP sales Europe at LogRhythm
A unique partnership offering
The combination of Connectis’ 24×7 security service offerings and the market leading LogRhythm platform offers customers the peace of mind that their environments are being continually monitored by a team of experts using cutting edge toolsets. Investment in the platform and people is managed by Connectis, reducing capital outlay and removing the recruitment and retainment headache of employing security staff, thereby delivering a fully managed SIEM solution.
The extensible and efficient service ensures false positive alarms are rapidly eliminated, with the remaining investigations being raised in integrated LogRhythm case management, with logs and analyst findings attached in an evidence locker. Dedicated incident handlers then apply pre-planned courses of action, adapted to the client-specific context as required, to rapidly contain, mitigate and eradicate any breach.
Security orchestration and automated response is provided through LogRhythm’s ‘SmartResponse’ functionality, which enables both automatic, scripted response triggering at machine speed in response to alarms – and optional scripted responses that can be triggered manually by an analyst or incident handler.
The solution includes an option for network traffic analysis, fully integrated with the SIEM, including full packet capture and layer 2-7 deep packet inspection and analysis with automatic identification of over 3,500 applications. This is the gold standard in network detection and forensics, allowing not just identification of unwanted traffic such as BitTorrent but also advanced functions such as file reconstruction to determine exactly what a user sent or received, or identifying attacker techniques such as reverse PowerShell.
Ensuring your organisation is “Secure by Design”
Watch this business-driven conversation hosted by David Chujor, Connectis’ Security Lead, with Simmons & Simmons’ CISO Warren Whewell, LogRhythm’s CMO Cindy Zhou and Digital Experience Director Ed Sant’Anna.
LogRhythm empowers more than 4,000 customers across the globe to measurably mature their security operations programme. LogRhythm’s award-winning NextGen SIEM Platform delivers comprehensive security analytics; user and entity behaviour analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralisation of threats. Built by security professionals for security professionals, LogRhythm enables security professionals at leading organisations like NASA, XcelEnergy, and Temple University to promote visibility for their cybersecurity programme and reduce risk to their organisation each and every day. LogRhythm is the only provider to earn the Gartner Peer Insights Customers’ Choice for SIEM designation three years in a row. To learn more, please visit logrhythm.com.