Partnering up security prediction and pervasive service

Two US businesses, Log Rhythm and ForeScout Technologies, have the two halves of an important cloud security capability, so they have partnered up and plan to integrate their offerings to give users a more comprehensive solution 

  • 10 years ago Posted in

The key issue with utilising predictive capabilities to achieve better cloud security is that they must be available continuously to be remotely successful. They are not much help if they are only used on the Tuesday afternoons they are available to a user.

Making this connection is the driving force behind the just announced partnership between Log Rhythm and ForeScout Technologies. The former  provides the security intelligence that underpins the combined service they now plan to offer, while the latter provides the pervasive network security solutions for both enterprises and government organisations.

The partnership and planned technology integration between them LogRhythm and ForeScout CounterACT platformsis aimed at offering joint customers the means to gain continuous operational and security intelligence, predictive and preventative controls, and policy-based remediation to optimise security and compliance management.

According to a recent Gartner report, enabling a truly adaptive and risk-based response to advanced threats means that the core of a next-generation security protection process will need to be continuous, with pervasive monitoring and visibility that are constantly analysed for indications of compromise.

`Going forward, all effective security protection platforms will include domain-specific embedded analytics as a core capability, in addition to traditional security information and event management (SIEM) systems. Enterprise monitoring should be pervasive and encompass as many layers of the IT stack as possible, including network activity, endpoints, system interactions, application transactions and user activity monitoring. This visibility must include enterprise-owned and employee-owned devices, and it must span enterprise datacentres as well as the consumption of services from cloud-based providers. The future of defence in-depth lies not only in layers of controls, but also in layers of monitoring and visibility.’

The LogRhythm Security Intelligence Platform combines next-generation SIEM, log management, host forensics and network forensics with advanced analytics to help customers detect and respond to today’s most advanced cyber-threats. It collects and analyses all available log and machine data along with deep forensic data captured at both the host and network levels for pervasive visibility and automated, continuous analysis of all activity observed across the enterprise environment.

ForeScout’s CounterACT platform enables access control, mobile and BYOD security, endpoint compliance and threat management. The solution identifies, classifies and applies network enforcement and endpoint remediation policy to managed and unmanaged users, devices, systems and applications – in real-time and without requiring agents.

By combining the two, IT organisations will be able to eliminate a broad range of cyber-defence and compliance management gaps while gaining greater return on security investments.

Planned integration between the two is expected to ensure endpoint logging services are enrolled, active, and dynamically tuned, enrich LogRhythm’s analytic scope with ForeScout’s dynamically captured user, network, device, system, application and security profile information and expedite identifying, monitoring and mitigating BYOD, unmanaged and rogue devices, and unsanctioned application risks, allow ForeScout customers to preserve, trend and investigate long-term user access and device security state by leveraging LogRhythm’s big data analytics capabilities.

It should also enable LogRhythm correlated and corroborated events to invoke CounterACT network enforcement, endpoint remediation and third-party control trigger actions.

The planned interoperability between them will leverage LogRhythm’s SmartResponse technology and ForeScout’s ControlFabric architecture. These open integration technologies will enable CounterACT and LogRhythm to exchange contextual information with each other, as well as expose CounterACT’s real-time control and automated remediation features to LogRhythm SmartResponse functions.

“To advance cyber-threat defences, enterprises are looking for greater interoperability among traditionally siloed security tools,” said Paul Phillips, vice president of corporate and business development at ForeScout. “By integrating with market leading SIEM platforms, such as LogRhythm, organisations gain the intelligence, analytics and mitigation capabilities that afford true IT-GRC insight and greater operational efficiency.”
 

The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...
Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...