ɫɫ�о���

Market-leading security data platform also introduces an open data analytics cloud and automated SOC workflow enhancements  

Boston, MA – July 30, 2024—ɫɫ�о��� Technology, the security data analytics company, is launching data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements, offering security teams data control, cost optimizations, and efficient automation. 

Security teams are grappling with the vast amounts of data they need to manage and analyze, as many traditional SIEMs do not cost-efficiently ingest data from any source. With the launch of ɫɫ�о���’s new data orchestration and data analytics cloud, organizations aren’t forced to omit data sources because it’s too expensive. ɫɫ�о���’s SOC workflow enhancements also enable analysts to easily act on that data with AI-driven automation for precise threat detection and incident response. 

“No organization should have to forgo security because of high vendor costs that balloon with scale,” said Rakesh Nair, SVP of product and engineering at ɫɫ�о���. “While there have been many changes in the SIEM market, we’ve remained unwaveringly focused on enabling our customers to maintain control while providing them with the flexibility they need to meet their unique SOC needs. Built on the principles of agnostic data support, we empower security teams to analyze and act—fast.”

ɫɫ�о��� integrates data orchestration into the ingest pipeline for cost efficiency 

ɫɫ�о��� Data Orchestration gives companies total control of their data so they can manage and analyze it from any source—at scale and on their terms. It filters and routes data to destinations such as Amazon S3, Databricks, Snowflake, and others to ensure the most valuable data is available for real-time analytics and alerting, while optimizing where less valuable data is stored. This gives enterprises and managed security service providers (MSSPs) the flexibility to manage costs while scaling to meet growing data volumes. 

“The exponential expansion of the attack surface is leading many security teams to make hard decisions about what data sources they do and don’t ingest. However, this can introduce blind spots, leaving them vulnerable to cyberattacks,” said Michelle Abraham, research director, security and trust, IDC. “Having data orchestration capabilities embedded directly within a SIEM is very attractive, as many organizations seek this functionality to reduce data costs while continuing to scale.”

ɫɫ�о��� introduces an open data analytics cloud to give organizations control

With the increase in data sources, organizations need flexible solutions that enable them to control and customize as needed. ɫɫ�о��� Data Analytics Cloud orchestrates and ingests petabytes of structured and unstructured data from any source or data lake. It also enables security teams and MSSPs to build custom security applications and integrations. Organizations can also use ɫɫ�о���’s pre-built alerts, applications, and dashboards to get started fast.

ɫɫ�о��� automates the most time-intensive SOC workflows to improve analyst experience

SOC teams need solutions that enable them to work more efficiently and make decisions faster. Building on the launch of ɫɫ�о��� DeepTrace, which made ɫɫ�о��� the only SIEM with attack-tracing AI, ɫɫ�о��� continues to embed AI throughout the SOC workflow, giving security teams the right context to act quickly—and confidently. 

• ɫɫ�о��� ThreatLink™ offers centralized, automated case management to help security teams track and collaborate on security incidents and alerts. It automates alert triage by correlating and enriching alerts into high-fidelity cases, reducing analyst workload from thousands of alerts to tens of cases per day. Comprehensive reporting offers valuable insights into SOC performance, enabling data-driven operations and demonstrating value to stakeholders. ɫɫ�о��� ThreatLink helps analysts prioritize threats, investigate efficiently, and take decisive action. 
• ɫɫ�о��� Behavior Analytics is a UEBA solution that uncovers anomalous activity across users, devices, and domains within multi-petabyte datasets. It now delivers enhanced threat detection with tunable risk-based alerting, instantaneous anomaly flagging through a new streaming architecture, and targeted monitoring of high-risk assets combined with noise reduction via flexible whitelisting capabilities. Analysts can easily prioritize high-risk threats with Behavior Analytics’ entity risk context within ɫɫ�о��� ThreatLink.

“Since deploying ɫɫ�о��� ThreatLink, our security team has seen a significant reduction in irrelevant alerts, enabling them to focus their time and energy on the threats that matter,” said Duane Hopkins, head of global cybersecurity at Carhartt. “The team can collaborate more easily and efficiently, greatly improving our ability to investigate and respond to incidents. It’s critical for us to continue to scale our security operations, and solutions like ɫɫ�о���’s enable us to do that by accelerating alert triage so our analysts don’t waste time and instead focus on true threats.”

To learn how ɫɫ�о��� can put control back in the hands of your security team, meet ɫɫ�о��� at Black Hat USA from August 7-8. You can also visit this page to learn more about ɫɫ�о���’s new data handling and automated SOC workflow capabilities. 

About ɫɫ�о���

ɫɫ�о��� Technology replaces traditional SIEMs with a real-time security data platform. ɫɫ�о���’s integrated platform serves as the foundation of your security operations and includes data-powered SIEM, SOAR, and UEBA. AI and intelligent automation help your SOC work faster and smarter so you can make the right decisions in real time. Headquartered in Boston, Massachusetts, with operations in North America, Europe, and Asia Pacific, ɫɫ�о��� is backed by Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, Kibo Ventures and Eurazeo.