Deploying and monitoring honeypots made easy
Posted on 07 August 2014.
At the Black Hat conference, LogRhythm released a new analytics suite that monitors honeypots to track would-be attackers, enabling customers to analyze nefarious tactics and generate targeted threat intelligence that facilitates an ongoing adaptive defense posture.


Honeypots are isolated decoy systems and services designed to look like production servers, but enabled to be susceptible to IT attackers. When deployed and analyzed correctly, they provide organizations an increased awareness of attack and breach activity generating dynamic threat research unique to the customer environment they are targeting.

With LogRhythm’s new suite, customers are able to easily deploy honeypots to attract opportunistic hackers.

When an attacker begins to interact with the honeypot, LogRhythm’s Security Intelligence Platform begins tracking the attacker’s actions, analyzing the honeypot data to create profiles of behavioral patterns and attack methodologies based on the emerging threats. AI Engine perform real-time, advanced analytics on all activity captured in the honeypot, including successful logins to the system, observed successful attacks, and attempted/successful malware activity on the host. This automated and integrated approach to honeypots eliminates the need for the manual review and maintenance associated with traditional honeypot deployments.

The LogRhythm Security Intelligence Platform prioritizes intel derived from the honeypots to orchestrate responses from similar attacks on production networks. For example, LogRhythm SmartResponse plugins automatically apply observations from the suite to managed blacklists and identified malware, so the IP address of an attacker targeting the honeypot will be blocked and the programs executed can be identified if discovered on production systems.

“LogRhythm continues to innovate, and our Honeypot Security Analytics Suite is the latest example of a set of features and functionality that advances our customers’ ability to detect and respond to cyber threats faster,” said David Pack, Director of LogRhythm Labs. “It’s now extremely straight forward for a LogRhythm customer to set up a honeypot that looks and acts like the customer’s network. The LogRhythm Security Intelligence Platform analyzes what the attackers are doing, and that intel is immediately harvested to best protect the entire company.”

The suite is available to customers immediately as part of LogRhythm’s Security Intelligence Platform.






Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //