ManageEngine Reengineers Detection in Log360 to Cut Alert Fatigue and Strengthen SOC Efficiency

New capabilities in the unified security platform reduce false positives, enable scaling, and keep threat coverage current.

ManageEngine, the enterprise IT management division of Zoho Corporation, has unveiled a major enhancement to its SIEM solution, Log360. The platform’s reengineered detection system is designed to address one of the most pressing challenges in modern security operations centers (SOCs): alert fatigue.

“The biggest challenge for security teams today isn’t collecting data—it’s separating genuine signals from overwhelming noise. We’ve reengineered our detection system to deliver true efficiency and empower SOCs with flexible, granular rule-tuning capabilities.”

– Manikandan Thangaraj, Vice President, ManageEngine

A recent Google-commissioned Threat Intelligence Benchmark study revealed that over 60% of SOC teams are overwhelmed by irrelevant threat data, with more than half of cloud security alerts dismissed as noise. ManageEngine’s upgraded Log360 directly tackles this issue by filtering out low-value alerts, enabling faster triage, and reducing analyst burnout.

“For a 911 emergency communications center, security is the foundation of public trust—and any failure has immediate, real-world consequences. With Log360’s optimized detection rules and filtering techniques, we have reduced false or low-priority alerts by 90%, allowing our analysts to focus on the threats that matter most.”

– Corey Nelson, IT Manager, ECSO 911

The latest release introduces a centralized detection console, object-level rule filters, and more than 1,500 prebuilt detection rules mapped to the MITRE ATT&CK® framework and SIGMA. Delivered through the cloud, these rules are continuously updated to keep pace with emerging threats.

Beta testing by Emergency Communications of Southern Oregon (ECSO) 911, a critical U.S. emergency dispatch center, validated the system’s impact—achieving a 90% reduction in false alerts and accelerating detection-to-response times.

Key highlights of the upgrade include:

  • Reengineered detection: A unified console consolidating MITRE ATT&CK rules, correlation logic, UEBA insights, and threat intel feeds, with interactive UI-driven rule creation and fine-grained filters.
  • Cloud-delivered content: A library of 1,500+ curated rules covering use cases from privilege escalation to SaaS attacks, continuously updated via cloud delivery.
  • Enterprise-grade scalability: Multi-tier architecture with role-specialized processing and centralized, multi-site log collection to support large, distributed enterprises.

With these enhancements, Log360 not only improves detection accuracy but also strengthens ManageEngine’s position as a unified security platform capable of scaling with enterprise demand.
