.jpg)
2 hours ago
2
Article content
New Capabilities in Log360 Tackle False Positives, Keep Threat Coverage Current, and Enable Scaling With Enterprise Demand
THIS CONTENT IS RESERVED FOR SUBSCRIBERS ONLY
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman, and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
SUBSCRIBE TO UNLOCK MORE ARTICLES
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
REGISTER / SIGN IN TO UNLOCK MORE ARTICLES
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account.
- Share your thoughts and join the conversation in the comments.
- Enjoy additional articles per month.
- Get email updates from your favourite authors.
THIS ARTICLE IS FREE TO READ REGISTER TO UNLOCK.
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account
- Share your thoughts and join the conversation in the comments
- Enjoy additional articles per month
- Get email updates from your favourite authors
Sign In or Create an Account
or
Article content
- Rule tuning and insights help teams prioritize high-value signals
- 1,500+ prebuilt and cloud-delivered detection rules are mapped to MITRE ATT&CK® threat modeling framework and SIGMA
- Register for the launch session scheduled on September 30, 2025, at https://mnge.it/8gM
- Learn more about Log360’s threat detection capabilities at https://mnge.it/Vi9
Article content
Article content
Article content
AUSTIN, Texas — ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, today announced that its security information and event management (SIEM) solution, Log360, has been strengthened with a reengineered threat detection approach, in a major enhancement aimed at addressing the needs of modern-day security operations center (SOC) teams.
Article content
By signing up you consent to receive the above newsletter from Postmedia Network Inc.
Article content
Over 60% of SOC teams are overwhelmed with irrelevant threat data, of which a majority (53%) of cloud security alerts can be considered noise, according to the 2025 Threat Intelligence Benchmark study commissioned by Google. ManageEngine’s latest release bolsters Log360’s position as a unified security platform by filtering out the security alert noise, thereby enabling faster triage and reducing burnout issues faced by security analysts.
Article content
“The biggest challenge for security teams today isn’t collecting data—it’s separating genuine signals from overwhelming noise,” said Manikandan Thangaraj, vice president at ManageEngine. “We’ve reengineered our detection system to not just build more complex rules, but to deliver true efficiency and empower SOC with flexible, granular rule-tuning capabilities that go beyond simple thresholds. With this advancement, SOC analysts can filter out benign noise without sacrificing the ability to catch a true compromise. This shifts our focus to a targeted pursuit of genuine threats—ensuring we’re effectively protecting and not just monitoring twenty-four seven.”
Article content
The new capabilities include a centralized detection console, object-level rule filters, and over 1,500 prebuilt detection rules that are continuously delivered and updated from the cloud. This upgrade also lays the foundation for enterprise-grade scalability—with a multi-tier architecture, role-specialized log processing, and centralized multi-site collection—ensuring performance and resilience as data sources and log volumes grow.
Article content
ECSO 911 Validates Log360’s Impact
Article content
Early beta testing by Emergency Communications of Southern Oregon (ECSO) 911, a United States-based Log360 customer, validated the impact of these improvements, demonstrating a measurable reduction in false positive alerts and faster detection-to-response cycles. ECSO is a combined emergency dispatch facility and Public Safety Answering Point (PSAP) for all of the 911 lines in Jackson County and Crater Lake National Park in the state of Oregon.
Article content
Article content
“For a 911 emergency communications center, security is the foundation of public trust—and any failure has immediate, real-world consequences. The latest advanced detection capabilities are not optional—they are essential,” said Corey Nelson, IT manager, ECSO 911. “With Log360’s optimized detection rules and filtering techniques, we have reduced false or low-priority alerts by 90%, allowing our analysts to focus on the threats that matter most. This improvement has significantly accelerated our ability to identify and respond to real cyber incidents.”
Article content
Key Highlights of Log360’s New Upgrade
Article content
- Reengineered detection: Log360 introduces a unified detection console that consolidates all detection content—including MITRE ATT&CK-aligned rules, correlation logic, user and entity behavior analytics ( UEBA) insights, and threat intel feeds—into a single pane of glass. Security teams can create standard, anomaly-based, or advanced detection rules through an interactive UI, without writing complex queries. Object-level filters across Active Directory users, groups, and OUs ensure that high-value identities are continuously monitored while suppressing low-priority noise.
- Cloud-delivered content: More than 1,500 prebuilt rules cover a wide range of use cases from privilege escalation and lateral movement to endpoint tampering and SaaS attacks. These rules are researched, curated, and tested by ManageEngine’s in-house threat research team to ensure accuracy and low false positives, and are delivered through a cloud-based update mechanism so users always stay current. Adoption of SIGMA-based detection rules is also included in this refined package.
- Multi-tier enterprise architecture: Log360’s architecture enhancements enable horizontal scalability with log processor clusters and role-based processing (correlation, enrichment, alerting)—as well as centralized collection from distributed sites—ensuring performance continuity even in large, geographically distributed enterprises.
Article content
About Log360
Article content
Article content
is a unified
Article content
Article content
solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates, and responds to security threats. Vigil IQ, the solution’s TDIR module, combines threat intelligence, an analytical Incident Workbench, ML-based anomaly detection, and rule-based attack detection techniques to detect sophisticated attacks, and it offers an incident management console for effective remediation. With reengineered detection—including a centralized detection console, multi-mode rule creation, tuning insights, and object-level filters—Log360 elevates signal quality and reduces false positives. The solution provides holistic visibility across on-premises, cloud, and hybrid environments with intuitive security analytics and monitoring. For more information about Log360, visit
English (US)