LogRhythm UEBA provides stand-alone intelligent User and Entity Behaviour Analytics (UEBA) for increased security coverage across the attack spectrum with minimal OPEX and CAPX investment. With the ability to detect known and unknown threats via machine learning, AI, and multidimensional behavioural analytics LogRhythm UEBA can quickly surface and prioritise critical events.
Users with legitimate access to internal networks pose a material risk to company security. Machine-assisted monitoring of contractors and high-impact teams (e.g., IT, Finance, Sales) can prevent data theft, fraud, sabotage, policy violations, and other dangerous activity. LogRhythm uses behavioural profiling to spot deviations from normal behaviour (e.g., abnormal authentication activity, abnormal host access) and scenario analytics to recognise established patterns (e.g., accessing a new server and then logging into a personal cloud storage website).
Attackers who have compromised your customers’ network will attempt to take control of an account and move laterally until they attain their target. LogRhythm unmasks these imposters by examining the behaviour of individual users and associated peer groups. External threats are quickly identified, preventing further compromise and damage.
With extensive access to systems and data, privileged users present heightened risk to the organisation. LogRhythm UEBA helps ensure access rights are used appropriately. Its algorithms automatically monitor the creation and deletion of privileged accounts, the elevation of permissions, and the suspicious use of privileged accounts.