LogRhythm and Solera Networks announced a technology partnership to provide customers with network visibility, security and situational awareness by combining LogRhythm’s SIEM 2.0 platform with Solera’s security intelligence and analytics solution.


For any LogRhythm-generated alert, customers will now have access to Solera’s DeepSee platform with Layer 2 through Layer 7 detail, as well as historical context via Solera’s Deep Packet Inspection engine to respond to cyber-incidents.

LogRhythm delivers visibility and situational awareness regarding network attacks, breaches and insider threats through a fully-integrated solution. Solera Networks’ software delivers network traffic and data flows instantly, for visibility and reconstructed analysis, enabling administrators and security professionals to receive packet-level detail to address the source and scope of any network security event and protect the network against further attack.

LogRhythm customers will now be able to know—at the packet, flow, and file level—what happened before, during and after an event by launching Solera’s solution from within the LogRhythm console to capture, replay and reconstruct packet-level data associated with a LogRhythm security event.

The security correlation and pattern recognition of LogRhythm’s SIEM 2.0 platform, combined with Solera’s analytics platform, provides security operations professionals with active intelligence and analytics, including:

Situational awareness — Today sophisticated, persistent and targeted attacks are specifically designed to circumvent traditional defenses that organizations have implemented. LogRhythm’s SIEM 2.0 solution provides early detection and alerting of security events in enterprise IT environments, while Solera’s appliances act like a security camera that can recreate and replay network traffic surrounding any event reported by the LogRhythm platform—jointly providing complete situational awareness to defend networks against existing and future threats.

Incident response — Effective incident response starts with solid integration with the most popular security tools on the market. With the correct data, responding to an incident is instant, active and efficient.

Network security assurance — Network security assurance verifies today that your network was not impacted by threats that were unknown yesterday. Because threats can be transient and/or persistent – and signatures are typically written for initial exploits – there has been no way for historical incidents to be detected, until now. With LogRhythm and Solera Networks, organizations can replay traffic to their LogRhythm platform after any tools in their sensor fabric have been updated with the latest definitions. When a major new exploit is discovered, the network security assurance offered by LogRhythm and Solera Networks can provide the peace of mind that the organization is secure.