We’re excited to let our business customers know that LogRhythm recently selected Keeper as a Technology Alliance Partner. This new partnership enables businesses to seamlessly integrate Keeper’s extensive password-related event data into LogRhythm’s NextGen Security Information and Event Management (SIEM) platform for threat monitoring.
This partnership comes at a time when stolen and compromised passwords are responsible for the overwhelming majority of successful data breaches. Data related to password security is critical to defending against cyberattacks, yet many businesses have limited or no visibility into their employees’ password practices.
Additionally, in an increasingly complex threat environment, organizations must manage many different sources of security data. Effective cybersecurity requires the ability to view data collected from multiple security solutions through a single pane of glass.
Keeper & LogRhythm: Integrated Data Sharing for 360-Degree Threat Analyses
Keeper’s Advanced Reporting and Alerts module (ARAM) offers event logging and event tracking for nearly 100 password security event types, giving businesses visibility into both administrator and user actions, including disabling multi-factor authentication (2FA), export of vault contents, change of role policy, sharing of password records, and many more. Activities can be more precisely monitored by specifying event attributes, such as the IDs for specific records, shared folders, teams, and/or users.
Companies can also access trend data and observe password events over 24-hour, 7-day, and 30-day periods of time. Among other benefits, this allows administrators to observe changes in password behaviors over time, ensure that employees are in fact using Keeper, and ensure that they are using it properly.
Businesses can automatically feed Keeper’s live event data into LogRhythm’s NextGen SIEM, which then combines it with other real-time security data from across the organization, such as privileged access, authentication, and physical access. LogRhythm can also incorporate Keeper’s data into automated advanced correlation rules, which generate highly focused alerts that identify suspicious or risky activity. For example, administrators can choose to be notified if an employee is found to be violating the organization’s password procedures.
LogRhythm powered by ARAM data gives companies a more holistic view of their real-time cyberthreat environment, allowing them to improve their threat detection and response by giving them easy and centralized access to the most comprehensive, up-to-date information on both their password security and their overall security posture.
Setting up Keeper-LogRhythm integration is simple. Administrators simply click the “Setup” button within the Keeper Admin Console and provide the host connection address.