LogRhythm Intelligence (Exabeam)

Machine learning-based AI for LogRhythm SIEM detects threats other tools miss, supercharging TDIR with advanced behavior analytics.

Vendor

Exabeam

Product details

LogRhythm Intelligence delivers the power of machine learning and generative AI to the LogRhythm SIEM Platform, enabling faster and more accurate threat detection, investigation, and response (TDIR). It integrates machine learning-driven user and entity behavior analytics (UEBA) with security information and event management (SIEM). Users gain the ability to establish baseline behavior, auto-score events by risk, and accelerate triage, investigations, and response. The LogRhythm Intelligence Copilot accelerates threat analysis using purpose-driven, generative AI, providing automated summaries of triggered detections, categorizing threats using MITRE frameworks, and suggesting tailored next steps. It functions as a UEBA log source within LogRhythm SIEM, allowing users to build customizable dashboards, run and save searches, set alarms, and use SmartResponse™ automated actions. LogRhythm Intelligence integrates with the LogRhythm SIEM user experience, enabling analysts to incorporate behavior analytics into their existing TDIR workflow.

Features:

  • UNDERSTAND NORMAL BEHAVIOR: Detect and prioritize anomalies. Exabeam delivers the power of machine learning and generative AI to the LogRhythm SIEM Platform. Users gain the ability to establish baseline behavior, auto-score events by risk, and accelerate triage, investigations, and response.
  • GENERATIVE AI PRODUCTIVITY: Speed investigations with Copilot. The LogRhythm Intelligence Copilot accelerates threat analysis using purpose-driven, generative AI. Its automated summaries provide an overview of triggered detections, categorize threats using MITRE frameworks, and suggest tailored next steps.
  • MACHINE DATA INTELLIGENCE (MDI) FABRIC: Security data you can trust. Ingest, parse, store, and search data at lightning speed. Advanced parsing, context enrichment, and a common schema prepare data in transit for rapid threat detection, visualization, and reporting.
  • THREAT DETECTION, INVESTIGATION, AND RESPONSE (TDIR): Boost your security operations efficiency. Risk-based prioritization helps analysts triage, investigate, and respond to threats more effectively. LogRhythm Intelligence insights help you focus on critical threats, reducing the need for endless searches and improving response efficiency.
  • INTEGRATED USER EXPERIENCE: Never leave the LogRhythm user interface. Quickly and easily expand your self-hosted SIEM without adding new products or altering the user experience. Behavioral detections appear in your existing case management dashboard, and with LogRhythm Log Distribution Service detections are available from day one.
  • REALIZE THE FULL POTENTIAL OF YOUR SIEM: You can’t fight what you can’t see. Transform your SIEM with powerful new insights. Ingest logs, alerts, and telemetry, enrich them with threat intelligence, location, and user/host context, then run behavioral detections. Uncover insights that point products can’t detect.