LogRhythm Intelligence Cloud Data Security
As a cloud-native add-on to LogRhythm SIEM, LogRhythm Intelligence is designed to protect your data through multiple layers of security.
The bidirectional data flow in LogRhythm Intelligence is facilitated through the integration of LogRhythm SIEM with the Exabeam Security Operations Platform, enabling seamless communication between on-premises and cloud components and ensuring secure and efficient data exchange.
The process begins with logs being collected within the LogRhythm SIEM, which acts as the primary security event hub. These logs are then securely transmitted through the Log Distribution Service (LDS) to an Exabeam Site Collector. The Site Collector ensures data integrity and provides an additional layer of control before securely forwarding log data to the cloud over an encrypted connection.
Once in the cloud, LogRhythm Intelligence processes the data using advanced User Entity and Behavioral Analytics (UEBA), Prioritization, Risk Scoring, and Correlation Rules to detect anomalies and potential security threats. This analysis is performed by over 790 machine learning models that establish behavioral baselines and identify deviations indicative of insider threats, compromised accounts, and other malicious activity.
LogRhythm Intelligence ensures:
Secure Processing: LogRhythm Intelligence ingests data from LogRhythm SIEM and processes it using machine learning (ML) models to detect anomalies related to potential user attacks, such as insider threats and compromised accounts. This processing occurs within a secure cloud environment, ensuring that sensitive data is handled with strict access controls.
Data Privacy with Machine Learning Models: To protect user privacy, Exabeam's generative AI models do not store personally identifiable information (PII). They utilize third-party large language models, such as Google Gemini, to process queries, with data being ephemeral, meaning it is stored only temporarily in memory during processing and deleted immediately after the request is returned. Furthermore, Exabeam ensures that customer data is not used to train or fine-tune these large language models; instead, training relies exclusively on anonymized data and proprietary internal datasets. This approach maintains the integrity of AI-driven security solutions while respecting user privacy.
Cloud-Native Protection: LogRhythm Intelligence benefits from enterprise-grade cloud security, including data encryption in transit and at rest, allowing you to maintain control over your data while benefiting from machine learning.