ManageEngine Shortens Breach Life Cycle with Launch of ML-powered Exploit Triad Analytics in Its SIEM Solution

Company's SIEM Solution Gains Contextual, Granular, Smart Analytics; Refines Enterprises' Breach Detection and Mitigation

  • Outsmarts malicious actors by leveraging contextual data from AD and UEBA to deconstruct the exploit triad: users, entities and processes
  • Neutralizes threats with a correlation package containing rules for detecting prevalent attacker tools and living off the land (LOTL) threats
  • Explore the new version of Log360 now:

DEL VALLE, Texas--()--ManageEngine, the enterprise IT management division of Zoho Corporation, today announced the release of a unique, ML-powered exploit triad analytics feature in its SIEM solution, Log360.

Now, enterprises can knowledgeably trace the path of adversaries and mitigate breaches by providing complete contextual visibility into the exploit triad: users, entities and processes. The feature update was unveiled at the ManageEngine User Conference at The Ritz-Carlton, Dubai International Financial Centre in the United Arab Emirates.

Addressing the Critical Need for Faster Breach Response

"Today’s cyberthreats masterfully blend into the fabric of legitimate activity, weaponizing stolen credentials, mimicking trusted processes and exploiting human vulnerabilities. These insidious tactics create a critical challenge: an extended data breach life cycle. It takes an alarming 277 days to identify and contain a data breach, with expenses surging by 23% after surpassing the 200-day mark. Manual, unguided threat analysis is a losing battle—a labyrinth of multi-tool chaos," said Manikandan Thangaraj, vice president of ManageEngine.

"By offering a dynamic tapestry of insights into user attributes, process lineage and threat intelligence, Log360's ML-powered exploit triad analytics transcends from merely assisting detection to enabling better comprehension. This makes it a game-changer in reducing the breach life cycle," said Thangaraj.

Highlights of ML-powered Exploit Triad Analytics

Log360’s threat detection and incident response (TDIR) module, Vigil IQ, features a dual-layered threat detection system released last year. With today's announcement, security takes a step further with advanced analytics offering deeper insights and faster response times.

  • A three-way threat hunting core: User, device and process analytics are unified on a single console that allows security professionals to delve deep into investigation as they traverse through the Incident Workbench.
  • ML-powered contextual data enrichment: Log360's in-depth contextual analysis incorporates insights from UEBA; process tree visualization; and the risk scoring of IPs, URLs and domains.
  • A process hunting suite: The process flow probing capability on the Incident Workbench and the correlation rules for the spawning of suspicious processes together create a complete suite for process hunting.

Empowering the cyber investigation dashboard, the latest iteration of Vigil IQ also enhances threat detection capabilities with the introduction of the following features:

  • A correlation package for prevalent attacker tools and LOTL threats: Augmenting the Incident Workbench, the solution also enhances the threat detection capabilities of Vigil IQ with more than 100 out-of-the-box correlation rules for effective detection of prevalent attacker tools in the environment and LOTL attacks.
  • An integration with VirusTotal: The scope of the Advanced Threat Analytics feature has expanded via an integration with VirusTotal, one of the leading threat intelligence services, for enhanced visibility into external threats and risk analysis.

About Log360

Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates and responds to security threats. Vigil IQ, the solution's TDIR module, combines threat intelligence, an analytical Incident Workbench, ML-based anomaly detection and rule-based attack detection techniques to detect sophisticated attacks, and it offers an incident management console for effectively remediating detected threats. Log360 provides holistic security visibility across on-premises, cloud and hybrid networks with its intuitive and advanced security analytics and monitoring capabilities. For more information about Log360, visit and follow the LinkedIn page for regular updates.

About ManageEngine

ManageEngine is the enterprise IT management division of Zoho Corporation, catering to a wide range of organizations, MSPs and MSSPs. Established and emerging enterprises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine's real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, endpoints and more. ManageEngine has offices worldwide, including in the United States, the United Arab Emirates, the Netherlands, India, Colombia, Mexico, Brazil, Singapore, Japan, China, Australia and the United Kingdom as well as 200+ global partners to help organizations tightly align their business and IT. For more information, please visit the company site, follow the company blog and get connected on LinkedIn, Facebook, Instagram and X (formerly Twitter).


Ahana Vissa

Release Summary

ManageEngine announced the release of a unique, ML-powered exploit triad analytics feature in its SIEM solution, Log360.


Ahana Vissa