ChannelLife Australia - Industry insider news for technology resellers
LogRhythm, Zscaler team up to address security challenges
Wed, 26th Apr 2023

LogRhythm has partnered with Zscaler to help enterprises globally increase their network insight and address the various cloud access security challenges that the modern SOC faces.

LogRhythm SIEM and the Zscaler Zero Trust Exchange platform provide unparalleled visibility and security to facilitate a modern Zero Trust architecture.

Zscaler secures all user, workload and device communications over any network, anywhere, and integrating with LogRhythm will offer visibility into everything that is happening in a user’s network, as well as show what websites and cloud-based resources employees are using.

Having this level of visibility is crucial to ensuring businesses stay protected.

Further, Zero Trust approaches are top of mind for many enterprises, and having the right tools to defend against cyber threats is vital.

To this end, LogRhythm SmartResponse will be used for Zscaler Internet Access (ZIA), allowing the LogRhythm console to carry out actions to remediate issues.

As logs are ingested from Zscaler’s Nanolog Streaming Service (NSS) into the LogRhythm SIEM platform, the LogRhythm SmartResponse for Zscaler can also automatically denylist the URL in Zscaler when a banned keyword or URL is detected.

“Securing an organisation’s systems and networks begins with high-fidelity and trustworthy log data. LogRhythm’s expertise in turning log data into actionable insights delivered through dashboards and analytics is unrivalled in the industry,” says Andrew Hollister, Chief Information Security Officer at LogRhythm.

“The combined benefits of LogRhythm SmartResponse and Zscaler Internet Access facilitate modern Zero Trust architecture that is the security backbone of companies across the globe.”

The LogRhythm SmartResponse for Zscaler carries out a number of actions, such as denylisting a URL, getting policy information, and adding a URL category.

Moreover, it centralises day-to-day security tasks to a single console, making it easy to run actions between the SIEM and Zscaler.

Other important benefits of this integration include:

  • Simplified ingestion and contextualisation of Zscaler log data
  • Accelerated detection of unwanted or denylisted URLs
  • Use of a single console to investigate and block suspicious website access
  • Faster response with enhanced investigative capabilities

“Zscaler’s Zero Trust Exchange reduces the attack surface and enforces cybersecurity policies, and this new integration with LogRhythm can help security teams with richer insights,” says Amit Raikar, VP of Technology Partnerships at Zscaler.

“By leveraging Zscaler APIs for cloud-to-cloud log streaming, LogRhythm customers can gather threat and policy telemetry across a hybrid workforce accessing multicloud and SaaS applications, giving analysts a complete picture from the depth of information in Zscaler logs for optimal threat hunting and investigations.”

This partnership builds on LogRhythm’s 2022 success, and the company is also unveiling a series of expanded capabilities for its security operations offerings, including updates to its cloud-native LogRhythm Axon platform.

The company also integrated with SentinelOne, a move that streamlines security operations and improves response workflow, offering precise insights into cybersecurity threats to help overwhelmed security teams prioritise what is most important.