LogRhythm claims to reduce the time it takes organizations to detect cyberintruders before they get a foothold and do any real damage. Its Holistic Threat Analytics Suite purports to detect behavioral anomalies by analyzing a number of potential entryways – users, networks and endpoints – allowing the software to identify a variety of system compromises that originate from advanced cyberthreats. The Holistic Suite comprises three modules: the newest, the Endpoint Threat Analytics Module, joins LogRhythm’s User Threat Analytics Module and Network Threat Analytics Module. Combined, they should allow customers to detect intrusions earlier, regardless of where those intrusions originate.
LogRhythm also incorporates real-time threat intelligence data from leading commercial vendors and an array of open source intelligence feeds. This allows it to help customers connect the cybersecurity dots to the data they’re already collecting, processing and analyzing, which in turn should help them take whatever countermeasures they need to protect themselves from a major breach.
I have heard of most of these products but am unsure of their veracity. They are likely worth demoing just to get a good feel and see if they are worthwhile to your organization's cyber defense strategy.
Disclosure: I work for Intel Security.