Organizations often contend with mounting cyber threats, understaffed SOCs and the burden of false positives. A recent ManageEngine study revealed that many respondents struggle with overworked and under-resourced SOC teams. This leads to extended detection and response times, inefficient investigations and, ultimately, heightened organizational vulnerability.
Recognizing this challenge, ManageEngine, the enterprise IT management division of Zoho Corporation and an MSP Expo Silver sponsor, announced an advancement in its Log360 security information and event management (SIEM) solution: a dual-layered threat detection system. This technology, integrated within Vigil IQ, Log360's threat detection, investigation, and response component, will give SOC teams better precision and accuracy in threat identification.
This system leverages the power of machine learning (ML) in two distinct phases.
The first phase is enhanced threat filtering.
The initial layer utilizes a supervised ML model trained on a dataset of real-world threats and attack patterns. This model effectively filters out low-priority events and false positives, reducing alert fatigue and streamlining the workflow for SOC analysts.
With that noise eliminated, analysts can focus their valuable time and expertise on genuine threats.
The second phase is dynamic threat identification and response.
The second layer employs an unsupervised ML model that continuously learns and evolves based on the organization's unique security landscape. This model proactively identifies novel and emerging threats, even those that may evade traditional signature-based detection methods.
With this proactive approach, SOC teams stay ahead of the curve and effectively mitigate threats before they can inflict damage.
“We pioneered a dual-layered, ML approach to heighten the precision and consistency of threat detection,” said Manikandan Thangaraj, Vice President at ManageEngine. “First, Vigil IQ ensures genuine threats are discerned from false positives. Second, the system facilitates targeted threat identification and response.”
The system also boasts simplified security operations, enhanced threat visibility and reduced costs. The streamlined workflow reduces manual investigation burden. The proactive identification of novel threats provides comprehensive security posture awareness and enables SOC teams to take pre-emptive measures. By minimizing false positives and streamlining operations, the system can lead to significant cost savings for organizations.
“This advanced system significantly improves the accuracy of identifying threats, streamlining the detection process and allowing SOC analysts to focus their valuable time on investigating real threats,” said Thangaraj.
ManageEngine is a Silver sponsor of MSP Expo, taking place in Fort Lauderdale, Florida, February 13-15, 2024. Part of the #TECHSUPERSHOW, MSP Expo is the premier event for MSPs, offering a three-day experience combining conference education, networking opportunities, an exhibit hall full of the latest technologies and solutions to help MSPs build their business, and more. ManageEngine will be in booth #260 in the exhibit hall.
Edited by Alex Passett