Webroot, LogRhythm Partner on Security Integration

LogRhythm users can correlate global IP Reputation data from Webroot against data already collected within LogRhythm to identify malicious IP traffic.

Webroot and IT security

Cloud-based Web threat detection specialist Webroot and security intelligence company LogRhythm announced a partnership that will integrate Webroot’s BrightCloud IP Reputation Service with LogRhythm’s Security Intelligence platform to identify threats more quickly and accurately.

The BrightCloud IP Reputation Service for LogRhythm is a real-time threat intelligence service that helps LogRhythm customers identify malicious and benign IPs in their network traffic.

LogRhythm users can correlate global IP Reputation data from Webroot against data already collected within LogRhythm to identify malicious IP traffic.

Once identified, the system can perform a number of additional tasks to provide visibility into network behavioral changes, malicious IPs and automate the remediation of attacks.

This partnership and resulting functionality is found in LogRhythm’s platform, which features security information and event management (SIEM), log management, network forensics, host forensics and advanced security analytics.

Patrick Kennedy, Webroot’s vice president of enterprise marketing, told eWEEK IT should be a top priority for small and midsize businesses (SMBs) because they are actually at a greater risk than any other business segment.

"Unlike larger enterprises, small businesses often don’t have a large IT staff or deep security expertise to deploy and monitor the kinds of advanced solutions needed to protect against sophisticated attacks," Kennedy said. "Another concern is that small businesses are frequently connected to larger enterprises as a part of their value chain. The criminals know this, and are targeting smaller companies as a means of penetrating a larger enterprise."

In June, Webroot unveiled BrightCloud Security Services for Enterprise, a portfolio of services which makes Webroot’s threat intelligence available to enterprises through integration with network security and management platforms.

The platform works by collecting and analyzing threat intelligence across multiple vectors and then correlates this data using the Webroot Intelligence Network, a cloud-based security analytics platform, to provide actionable real-time threat intelligence.

"Security threats have become more sophisticated and more rampant, creating a challenge for older security technologies and more reactive rather than proactive threat intelligence solutions," Kennedy said. "The volume of attacks keeps growing exponentially, and in the past 12 months we have seen mobile device attacks in particular grow by over 1,000 percent, so now cyber-criminals are targeting workers regardless of their location or device platform."

Kennedy also noted all companies, whether enterprise or SMBs–especially those dealing with proprietary information or customer data–must balance their security resources against their risk tolerance, and look at solutions that provide them with the greatest scope of protection.

"As enterprises continue to bolster their defenses and work to keep up with the myriad of threats facing them, SMBs may have a more difficult time staying ahead of these types of threats, especially if they are targeted at them," he said. "Cyber-criminals also recognize that, while the prize might not be as large, it may be easier to infiltrate SMBs if they are unable to invest in proper security measures."

Webroot is also an inaugural partner of LogRhythm’s Threat Intelligence Ecosystem, a collective of threat intelligence vendors focused on delivering security intelligence through a next-generation security analytics and intelligence platform.