Crusader Community Health uses Log360 to detect and mitigate cyberattacks | With the help of advanced threat analytics, Crusader Community Health secures its sensitive data

Challenges

As a healthcare organization, Crusader's primary requirement is to adhere to the HIPAA compliance mandate. Meeting the compliance requirements is a continuous process. It involves not only meeting the rules stated in the mandate but also enhancing the security posture of the enterprise.

Crusader wanted to enhance its security posture by analyzing its users' behavior. The company also wanted to audit all its network devices and applications to proactively hunt for any threats. Crusader was looking for a unified security solution that could give it the visibility it needed and help ease compliance audits.

The solution: Log360

Implementing ManageEngine Log360 has helped Crusader Community Health identify security threats and improve its security posture. The solution has aided Crusader with:

• Network device monitoring: Log360's security analytics plays an important role in detecting and preventing security breaches by continuously surveilling, collecting logs, and analyzing the devices, like firewalls, switches, and routers. With Log360, Crusader's threat hunters have gained complete visibility into raw log data, so they are now able to monitor the network for threats proactively and resolve them before they get out of hand.
• Compliance requirements: Log360's audit-ready HIPAA compliance reports and compliance violation alerts have helped ease the HIPAA audit process for Crusader.
• Event correlation for attack detection: Log360's predefined correlation rules have helped Crusader's IT admins detect cyberattacks, like ransomware, privilege escalation, and file integrity threats. The threat hunters get alerted through real-time alert notifications, either via SMS or email, about any malicious security events or compliance-specific events detected across the network.
• User and entity behavior analytics (UEBA): Log360 establishes a standard baseline of behavior for all users in the network and assigns the users risk scores. With the help of this feature, Crusader's threat hunters have been able to detect suspicious activities like anomalous logins or deleted event logs. Therefore, it is now easier for the IT admins to keep tabs on unauthorized activities.
• Dashboard metrics: With Log360's dashboard, Crusader's threat hunters can take a quick glance at all the major security events taking place in the network or the Active Directory infrastructure. The graphical data has made it easy for them to gain valuable insights so they can develop incident response plans.

Impact

Crusader Community Health is completely satisfied in choosing Log360 as its SIEM solution. The company has found the product to be user-friendly and is mainly impressed by the alert features that help detect critical security events.

Lonnie Lehman, director of IT and cybersecurity operations at Crusader, was able to identify account compromise with the help of Log360's UEBA as he detected and sorted out suspicious changes made to sensitive files in less than a week. Crusader also appreciated the customer service that was provided by Log360's support team and how the team helped resolve all issues.

Lehman said, "Log360 is an essential component in our organization that made our job hassle-free, and I would definitely recommend it to other healthcare organizations that are seeking a SIEM solution."

About Log360

Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates, and responds to security threats. It combines threat intelligence, machine learning-based anomaly detection, and rule-based attack detection techniques to detect sophisticated attacks, and offers an incident management console for effectively remediating detected threats. Log360 provides holistic security visibility across on-premises, cloud, and hybrid networks with its intuitive and advanced security analytics and monitoring capabilities. For more information about Log360, visit  manageengine.com/log-management.