Network monitor for advanced threat detection

Security intelligence company LogRhythm has announced the availability of Network Monitor 3. According to the company, this latest monitor will help organisations to detect, investigate and neutralise advanced threats such as ransomware, spear phishing and APTs faster and with greater precision than ever before.

Leading the list of the monitor’s new features is Deep Packet Analytics (DPA). DPA performs real-time automated machine analytics on all network traffic, applying behavioural and statistical analysis to rich data sets produced by the monitor’s Full Packet Capture and Layer 7 SmartFlow features. The result is speed and precision in detecting advanced threats traversing enterprise networks. This lowers the risk of high-impact breaches and improves the efficiency and effectiveness of information security staff.

The monitor’s DPA also automates incident response investigations by enabling responders to create custom analytics rules that can inspect full packet streams in real time. Additionally, DPA enhances the monitor’s SmartCapture policies so that they trigger packet capture on traffic associated with concerning network activities, including known indicators of compromise (IOCs). Other network monitoring and analytics platforms require the capture and storage of all packets regardless of their association with suspicious activity, according to the company.

