ManageEngine Unveils ML-Powered Breach Response Tool in Log360 SIEM

News Desk

ManageEngine, the IT management arm of Zoho Corporation, has unveiled a groundbreaking addition to its Log360 Security Information and Event Management (SIEM) solution. This new feature, powered by machine learning (ML), revolutionizes breach response strategies by offering comprehensive insights into the exploit triad: users, entities, and processes.

In response to the escalating need for rapid breach identification and containment, ManageEngine’s latest innovation aims to significantly shorten the breach life cycle. According to Manikandan Thangaraj, Vice President of ManageEngine, modern cyberthreats are adept at blending into legitimate activities, prolonging the time it takes to detect and mitigate breaches. Manual threat analysis is no longer sufficient in the face of these sophisticated tactics.

The ML-powered exploit triad analytics feature in Log360 enables organizations to proactively trace adversaries’ paths and mitigate breaches effectively. By providing contextual visibility into user attributes, process lineage, and threat intelligence, Log360 transcends traditional detection methods, offering a dynamic understanding of security incidents.

Key highlights of the enhancement include Log360’s Threat Detection and Incident Response (TDIR) module, Vigil IQ, which now boasts a dual-layered threat detection system and advanced analytics for faster response times. The module features a three-way threat hunting core, unifying user, device, and process analytics on a single console for seamless investigation.

Moreover, Log360 incorporates ML-powered contextual data enrichment, leveraging insights from User and Entity Behavior Analytics (UEBA) and offering risk scoring for IPs, URLs, and domains. The introduction of a process hunting suite further enhances Log360’s capabilities, enabling security professionals to identify and mitigate suspicious activities effectively.

In addition, the latest iteration of Vigil IQ introduces new features such as a correlation package for prevalent attacker tools and Living Off the Land (LOTL) threats. The package augments threat detection capabilities with more than 100 out-of-the-box correlation rules for detecting attacker tools, and an integration with VirusTotal, a leading threat intelligence service, enhances visibility into external threats.

Overall, ManageEngine’s ML-powered exploit triad analytics feature represents a significant advancement in breach response technology, empowering organizations to combat evolving cyberthreats effectively and reduce the impact of data breaches.