Get the 2017 Gartner SIEM Magic Quadrant: Learn the Factors That Make LogRhythm a Gartner SIEM Magic Quadrant Leader
In the 2017 Magic Quadrant for Security Information and Event Management (SIEM), Gartner evaluated LogRhythm and 19 other vendors for completeness of vision and ability to execute.
Once again, LogRhythm is positioned in the Leaders Quadrant.
How many of us would hire a home security company that sent a representative to our house to tell us to remove all our lightbulbs so that it was pitch black inside? Sure, it would make it much more difficult for the burglars to find their way around. But with no way to turn the lights on, it would also be almost impossible to find the intruders—or determine whether there had been a break-in at all.
In 2017, there were 477 reported health care breaches in the U.S. affecting 5.6 million patient records. Seventy-one percent of these breaches were due to hacking and IT incidents.
In recent years, privacy breaches have proven to be a major issue for health care entities and their patients. The health care industry is feeling the brunt of hacker attention more so than any other sector. But what exactly makes this information and this sector so attractive to cyber criminals?
Identity theft continues to be a challenging and expensive risk for consumers, and malware that’s specifically designed to steal users’ account data and identities is often used to commit the crime.
The reason for this persistent threat? Simple: identity theft is a very lucrative business for cybercriminals. The 2017 Identity Fraud Study, recently released by Javelin Strategy & Research, found that cybercriminals stole $16 billion from 15.4 million U.S. consumers in 2016 alone. That’s a substantial amount of money. It also represents nearly a billion-dollar increase over 2015 identity theft losses. In the past six years, identity thieves have stolen over $107 billion from victims in the U.S. alone.
Organizations are rapidly adopting mobility, IoT, smart devices, and multi-cloud computing to meet new networking requirements. These changes are increasing the speed and the volume of the data and traffic that networks need to process. These network resources are also being constantly added, removed, or connected to each other, keeping the network’s attack surface constantly changing. The result is that we are also creating complex networks that are difficult to track and secure.
Data and applications travel between many different users and devices, and span multiple borderless networks. This makes visibility and control more difficult. Cyber criminals are also targeting the expanded attack surface with faster and smarter cyber threats. Security needs to automatically adapt to changing network demands and configurations. Unfortunately, most legacy security systems simply can’t do this. Instead, organizations require a new generation of security designed to protect their hyperconnected, digital transformation networks.
On February 28 and March 5, 2018, Memcached DDoS attacks targeted GitHub. LogRhythm Labs performed an investigation into the cause, effect, and outcome of these attacks. The following will help you understand the background that made the DDoS attack possible, the vulnerability that was exposed, mitigation techniques, and AI Engine rules that can detect Memcached attacks targeting or originating from a client environment.
Imagine going to work, sitting at a desk, and pulling out your toolbox: a rootkit. Though it may seem dystopian, cybercrime has become a business enterprise. Cybercriminals are now modeling themselves on big businesses, adopting their processes and project management techniques. Professional hacking organizations are training new waves of cybercriminals, investing in collaboration tools, and even creating their own customer service departments. And though advanced malware, exploit kits, and other tools of cybercrime have been available for some time, this new method of organizing cybercrime is even more threatening.
The problem with the future—as baseball legend Yogi Berra, the founders of the Internet, and any CISO or CTO can assure you—is that, increasingly, it ain’t what it used to be.
For those of us in the field of cybersecurity, where the utopian dreams of the early Internet collide with the realities of increasingly serious levels of crime and threat, the future can at times look especially treacherous. As public and private organizations alike scramble to remain ahead of those who would compromise their information, one thing is certain: You can’t prevent tomorrow’s attacks with yesterday’s security strategy and technologies.
It seems common sense, but in the increasingly complex labyrinth of connectivity that is intensified by wireless, mobility, and multi-cloud networks, it is easy to get spun in different directions. This is no indictment of cybersecurity decision makers, either. You don’t have to be very slow at all to quickly fall behind.
Various blog posts have been written by LogRhythm’s resident NetMon expert, Rob McGovern, regarding the numerous benefits of using Deep Packet Analytics within NetMon. If you’re not already familiar with deep packet analytics (DPA) rules, Rob’s post would be a great resource to review, and it includes free training!
Stealing intellectual property (IP) is big business for cybercriminals, and they often use malware to do it. Many cyberthieves have turned to IP theft as their primary focus because it’s often easier than stealing credit card numbers or other forms of digital currency. IP thieves can operate from anywhere in relative anonymity, and armed with the latest malware, they pose a major threat to the world’s intellectual property.