LogRhythm has launched version 7.7 of its LogRhythm NextGen SIEM Platform with new features for threat detection and response, including a new Timeline View that provides analysts with an easy-to-follow security narrative when investigating an incident.
Visualising Security Stories with Timeline View
Through Timeline View, security analysts have a consolidated, chronological view of user or host activity. The view includes all data related to the incident and is automatically contextualized to provide a quick view into how a potential incident has played out thus far. With Timeline View, analysts can easily further their investigation without needing to navigate off the existing page to understand the cause and scope of a given incident. Analysts can also go deeper into the data presented by drilling down into specific timeline events and reviewing the underlying raw data.
“We’re thrilled to bring Timeline View to our customers with the release of LogRhythm 7.7,” said Rusty Carter, chief product officer at LogRhythm. “We understand how challenging it is to manage the detection and response process if you have to use multiple screens, so our goal was to make it easier for analysts to not only get an overview as to how an incident is progressing, but to also be able to drill down into that contextualized activity is vital to rapidly making accurate decisions.”
LogRhythm’s Detail Page pairs Timeline View with Node Link graph (previously introduced in LogRhythm 7.5). This combination allows analysts to investigate incidents from multiple perspectives and to quickly determine the timing and scope of an incident.