Through this integration, once Bromium isolates advanced malware, it sends detailed information about the targeted endpoints and the infection source to LogRhythm’s Security Intelligence platform in real time via Bromium LAVA, which works in conjunction with Bromium vSentry software protecting endpoints throughout an organisation. Bromium vSentry hardware-isolates and defeats advanced, targeted attacks against endpoint devices without requiring signatures or updates, automatically discarding malware and reducing the need for timely patching or costly remediation.
“With 71% of breaches a result of user devices being targeted, according to the 2013 Verizon Data Breach Investigations Report, enterprises are seeking new methods to address threats that break through traditional perimeter defenses,” said Gaurav Banga, Co-founder & CEO, Bromium, Inc. “Bromium’s innovative approach to endpoint security is helping organisations isolate user tasks and defeat these malicious threats. This relationship with LogRhythm provides our customers with additional actionable intelligence necessary for automatically removing malware and closing attackers’ means of entry without unnecessary business disruptions.”
LogRhythm’s Security Intelligence platform identifies and prioritises advanced security threats by integrating and correlating real-time threat information from Bromium LAVA with log, flow, event and other machine data collected and generated by LogRhythm from across the network environment. Through the integration, customers can leverage LogRhythm’s advanced security analytics to model malware behavior based on Bromium telemetry and leverage those insights to identify other compromised hosts in their environments.
In addition, LogRhythm’s Security Intelligence platform can take automated actions based on threats identified with Bromium, such as adding threat intelligence to internal watch lists or black lists, disabling active sessions with source IPs known to be bad or quarantining compromised hosts. The combined solution helps security operations teams prioritise actions, slash response times and adjust defenses to counter today’s most severe threats.
“Bromium’s ability to defeat the entire spectrum of known and unknown malware through hardware isolation and real-time reporting through vSentry and LAVA yields crucial information LogRhythm customers can now factor into their ongoing, adaptive cyber defenses,” said Matt Winter, Vice President of Corporate and Business Development. “Coupling Bromium LAVA with LogRhythm’s Security Intelligence platform delivers actionable security intelligence, helping organizations identify threats, understand which assets and processes represent significant security risks and reduce response times.”
LogRhythm seamlessly combines next-generation SIEM, log management, file integrity monitoring and machine analytics, with host and network forensics, in a unified enterprise-class Security Intelligence platform. It is designed to address an ever-changing landscape of threats and challenges, with a full suite of high-performance tools for security, compliance, and operations. LogRhythm delivers comprehensive, useful and actionable insight into what is really going on in and around an enterprise IT environment.