SIEM – Threat Lifecycle Management

LogRhythm Cyber Security Event Slides

Page 1: LogRhythm Cyber Security Event Slides

SIEM – Threat Lifecycle Management

Page 2: LogRhythm Cyber Security Event Slides

Political

Ideological

Criminal

Page 3: LogRhythm Cyber Security Event Slides

Ever Increasing Cyber Risk

[Chart: Number of detected cyber incidents, in millions (axis 0 to 45), by year, 2009 to 2014]

Source: PwC, The Global State of Information Security Survey 2015

Page 4: LogRhythm Cyber Security Event Slides

“84% of a breach's evidence resided in the log data.”

2015 Verizon Data Breach Investigation Report

Page 5: LogRhythm Cyber Security Event Slides

Holistic Attack Surface

[Diagram: User, Endpoint, Network]

Page 6: LogRhythm Cyber Security Event Slides

“By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2013.”

- Neil MacDonald, Gartner

Page 7: LogRhythm Cyber Security Event Slides

Reconnaissance

Initial Compromise

Command & Control

Lateral Movement

Target Attainment

Exfiltration

By reducing MTTD and MTTR, LogRhythm’s Security Intelligence Platform helps break the kill chain.

Early neutralisation equals no damaging cyber incident or data breach.

Page 8: LogRhythm Cyber Security Event Slides

Faster Detection & Response Reduces Risk

[Chart: Chance of Damaging Cyber Incident or Data Breach (High to Low) against MTTD & MTTR (Months, Weeks, Days, Hours, Minutes)]

Page 9: LogRhythm Cyber Security Event Slides

Threat Lifecycle Management™

Forensic Data: Security Event Data, Log & Machine Data, Forensic Sensor Data

TIME TO DETECT

Discover: Machine Analytics, User Analytics

Qualify: Assess threat and determine if it poses risk and whether a full investigation is required

TIME TO RESPOND

Investigate: Analyze the threat and associated risk, determine if an incident has occurred or is occurring

Mitigate: Implement countermeasures and controls that mitigate risk presented by the threat

Recover: Eradicate, Cleanup, Report, Review, Adapt

Page 10: LogRhythm Cyber Security Event Slides

Largest, Fastest Growing Independent SIEM Provider

Global Operation

Focus on Customer Success

Demonstrated Leader

Page 11: LogRhythm Cyber Security Event Slides

Thank You