ManageEngine Unveils Dual-Layered SIEM for Precise Threat Detection

News Desk -

Share

ManageEngine, the IT management arm of Zoho Corporation, introduced an industry-first dual-layered threat detection system within its Security Information and Event Management (SIEM) solution, Log360. This innovative feature, embedded in Log360’s Threat Detection, Investigation, and Response (TDIR) component, Vigil IQ, empowers Security Operations Center (SOC) teams by significantly improving accuracy and precision in threat detection.

Enterprise security is increasingly challenging due to staffing shortages and the complexities of solution orchestration. In response to this, ManageEngine has recently upgraded the security analytics module of Log360 to optimize SOC performance through the monitoring of key performance metrics. The focus is on addressing the critical challenges faced by security operations.

According to a recent study conducted by ManageEngine, a majority of respondents reported that their SOCs are understaffed. These resource-constrained SOCs often encounter obstacles such as process silos and manual investigation of alerts, leading to extended detection and response times for genuine threats. To tackle these challenges, ManageEngine emphasizes the essential adoption of Artificial Intelligence (AI) and Machine Learning (ML) for contextual event enrichment and refining threat detection logic.

Manikandan Thangaraj, Vice President at ManageEngine, explained, “We pioneered a dual-layered ML approach to enhance the precision and consistency of threat detection. First, Vigil IQ ensures genuine threats are distinguished from false positives. Second, the system facilitates targeted threat identification and response, significantly improving accuracy, streamlining the detection process, and enabling SOC analysts to focus their valuable time on investigating real threats.”

Key Features of Vigil IQ’s Dual-Layered Threat Detection System in Log360:

1. Smart Alerts: Vigil IQ combines accuracy and precision in threat detection by dynamically adapting to changing network behavior. It identifies threats that may be overlooked due to manual threshold settings, thereby enhancing the reliability of the detection system.

2. Proactive Predictive Analytics: Leveraging predictive analytics based on historical data patterns, Vigil IQ predicts potential security threats, enabling the implementation of proactive measures before incidents occur. This predictive intelligence drastically reduces the Mean Time to Detect (MTTD) threats.

3. Contextual Intelligence: Vigil IQ enriches alerts with deep contextual information, providing security analysts with comprehensive threat insights. This enrichment accelerates the Mean Time to Respond (MTTR) by delivering pertinent, precise information.

ManageEngine’s dual-layered threat detection system marks a significant advancement in SIEM solutions, addressing key challenges faced by modern security operations and ensuring a more robust defense against evolving cyber threats.