ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management solutions, has strengthened its unified security platform Log360 with a reengineered threat detection approach. This major enhancement addresses the challenges faced by modern security operations center (SOC) teams, filtering out irrelevant alerts to enable faster triage and reduce analyst burnout in environments overwhelmed by data noise.
According to the 2025 Threat Intelligence Benchmark study, over 60% of SOC teams struggle with irrelevant threat data, and 53% of cloud security alerts are classified as noise. ManageEngine's latest Log360 release tackles this with a unified detection console that consolidates MITRE ATT&CK-aligned rules, correlation logic, user and entity behavior analytics (UEBA) insights, and threat intelligence feeds. Security teams can create standard, anomaly-based, or advanced detection rules through an interactive UI without writing complex queries. Object-level filters for Active Directory users, groups, and OUs keep high-value identities under continuous monitoring while suppressing low-priority alerts, so analysts can prioritize genuine threats rather than routine activity.
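As an added illustration (this is not Log360's rule engine or rule syntax, and the account, group and OU names are made up), the Python below runs a simple group-membership detection over a handful of constructed Windows Security events and applies the kind of object-level tuning the paragraph describes: routine changes made by a known-noisy provisioning service account are suppressed, except when the target group or OU is on a high-value list. Event IDs 4728 and 4732 are the standard Windows IDs for a member being added to a security-enabled global or local group.

```python
"""Added example, not Log360 code: a detection rule with object-level tuning.

Rule: alert when an account is added to a group (Windows Event ID 4728 / 4732).
Tuning: a suppression list of known-noisy actors silences routine adds, but
suppression is bypassed when the target group or OU is high-value, so
privileged identities are never filtered out of view.
All names below are hypothetical; the events are constructed for the example.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

# Constructed sample events (fields loosely modelled on 4728/4732 data).
SAMPLE_EVENTS = [
    {"event_id": 4728, "subject": "svc-provisioning", "member": "jdoe",
     "group": "Sales-Users", "ou": "OU=Sales,DC=corp,DC=example"},
    {"event_id": 4728, "subject": "svc-provisioning", "member": "jdoe",
     "group": "Domain Admins", "ou": "OU=Admins,DC=corp,DC=example"},
    {"event_id": 4732, "subject": "alice", "member": "bob",
     "group": "Helpdesk", "ou": "OU=IT,DC=corp,DC=example"},
    {"event_id": 4624, "subject": "bob", "member": None,
     "group": None, "ou": None},  # a logon event, out of scope for this rule
    {"event_id": 4732, "subject": "mallory", "member": "mallory",
     "group": "Administrators", "ou": "OU=Admins,DC=corp,DC=example"},
]


@dataclass(frozen=True)
class RuleConfig:
    event_ids: FrozenSet[int]
    suppressed_subjects: FrozenSet[str]   # noisy actors whose routine activity is filtered
    high_value_groups: FrozenSet[str]     # object-level "always alert" lists
    high_value_ous: FrozenSet[str]


@dataclass(frozen=True)
class Alert:
    severity: str
    subject: str
    member: str
    group: str
    reason: str


def evaluate(event: dict, cfg: RuleConfig, bypass_for_high_value: bool = True) -> Optional[Alert]:
    """Return an Alert for an in-scope event, or None if it is out of scope or suppressed.

    With bypass_for_high_value=True (the tuned rule), the actor suppression list
    does not apply to changes touching a high-value group or OU.
    With bypass_for_high_value=False (a blanket suppression), it always applies.
    """
    if event["event_id"] not in cfg.event_ids:
        return None
    high_value = (event["group"] in cfg.high_value_groups
                  or event["ou"] in cfg.high_value_ous)
    if event["subject"] in cfg.suppressed_subjects and not (high_value and bypass_for_high_value):
        return None  # routine, low-priority change: filtered out
    severity = "high" if high_value else "medium"
    reason = "privileged group/OU membership change" if high_value else "group membership change"
    return Alert(severity, event["subject"], event["member"], event["group"], reason)


def run_rule(events: List[dict], cfg: RuleConfig, bypass_for_high_value: bool = True) -> List[Alert]:
    """Evaluate every event and keep only the ones that raised an alert."""
    return [a for a in (evaluate(e, cfg, bypass_for_high_value) for e in events) if a is not None]


DEFAULT_CFG = RuleConfig(
    event_ids=frozenset({4728, 4732}),
    suppressed_subjects=frozenset({"svc-provisioning"}),
    high_value_groups=frozenset({"Domain Admins", "Administrators", "Enterprise Admins"}),
    high_value_ous=frozenset({"OU=Admins,DC=corp,DC=example"}),
)

if __name__ == "__main__":
    print("tuned rule:")
    for alert in run_rule(SAMPLE_EVENTS, DEFAULT_CFG):
        print(" ", alert)
    print("blanket suppression:")
    for alert in run_rule(SAMPLE_EVENTS, DEFAULT_CFG, bypass_for_high_value=False):
        print(" ", alert)
```

Running the tuned rule yields three alerts: the provisioning account's addition of a user to Domain Admins (high), a helpdesk group change (medium), and a self-add to Administrators (high); the routine Sales-Users add by the provisioning account is dropped. The `bypass_for_high_value=False` path shows the failure mode a blanket actor suppression introduces: the same Domain Admins change is silently discarded. Suppression filters should be scoped by the object being touched, not only by who touched it.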
Manikandan Thangaraj, vice president at ManageEngine, explained the strategic focus: “The biggest challenge for security teams today isn’t collecting data—it’s separating genuine signals from overwhelming noise. We've reengineered our detection system to not just build more complex rules, but to deliver true efficiency and empower SOC with flexible, granular rule-tuning capabilities that go beyond simple thresholds. With this advancement, SOC analysts can filter out benign noise without sacrificing the ability to catch a true compromise. This shifts our focus to a targeted pursuit of genuine threats—ensuring we're effectively protecting and not just monitoring twenty-four seven.” This approach enhances signal quality, reduces false positives, and supports scalable operations as log volumes increase.
Log360 now includes over 1,500 prebuilt detection rules covering privilege escalation, lateral movement, endpoint tampering, and SaaS attacks, curated by ManageEngine's threat research team for accuracy and low false positives. These rules, including SIGMA-based detections, are delivered via cloud updates to keep coverage current. The multi-tier enterprise architecture features log processor clusters, role-based processing for correlation, enrichment, and alerting, and centralized multi-site collection, ensuring resilience and performance in large, distributed environments. This foundation supports horizontal scalability to meet growing enterprise demands.
Early beta testing by Emergency Communications of Southern Oregon (ECSO) 911, a Log360 customer serving Jackson County and Crater Lake National Park, demonstrated significant improvements. Corey Nelson, IT manager at ECSO 911, stated: “For a 911 emergency communications center, security is the foundation of public trust—and any failure has immediate, real-world consequences. The latest advanced detection capabilities are not optional—they are essential. With Log360's optimized detection rules and filtering techniques, we have reduced false or low-priority alerts by 90%, allowing our analysts to focus on the threats that matter most. This improvement has significantly accelerated our ability to identify and respond to real cyber incidents.” This validation highlights Log360's practical impact on threat detection-to-response cycles.
ManageEngine's enhancements to Log360 position it as a robust unified SIEM solution with integrated DLP and CASB capabilities, providing holistic visibility across on-premises, cloud, and hybrid environments. By prioritizing high-value signals and enabling efficient scaling, Log360 empowers SOC teams to protect enterprises more effectively, fostering resilience against evolving cyber threats while maintaining compliance and performance.
Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates, and responds to security threats. Vigil IQ, the solution's TDIR module, combines threat intelligence, an analytical Incident Workbench, ML-based anomaly detection, and rule-based attack detection techniques to detect sophisticated attacks, and it offers an incident management console for effective remediation. With reengineered detection—including a centralized detection console, multi-mode rule creation, tuning insights, and object-level filters—Log360 elevates signal quality and reduces false positives. The solution provides holistic visibility across on-premises, cloud, and hybrid environments with intuitive security analytics and monitoring. For more information about Log360, visit manageengine.com/log-management/ and follow the LinkedIn page for regular updates.
ManageEngine is a division of Zoho Corporation and a leading provider of IT management solutions for organizations across the world. With a powerful, flexible, and AI-powered digital enterprise management platform, we help businesses get their work done from anywhere and everywhere—better, safer, and faster.