ManageEngine Log360 Update Cuts SOC Alert Fatigue
▼ Summary
– ManageEngine has enhanced its Log360 SIEM solution with a reengineered threat detection approach to better support SOC teams.
– Over 60% of SOC teams are overwhelmed by irrelevant threat data, with 53% of cloud security alerts being noise, as per a 2025 Google study.
– The upgrade includes a centralized detection console, object-level rule filters, and over 1,500 prebuilt, cloud-updated detection rules.
– It also introduces enterprise-grade scalability features like multi-tier architecture and centralized multi-site log collection.
– Beta testing by ECSO 911 showed a 90% reduction in false positives and faster detection-to-response cycles, validating the improvements.
Security operations centers face a constant battle against overwhelming data streams, where critical threats often get lost in a sea of irrelevant alerts. ManageEngine’s Log360 has introduced a major update engineered specifically to combat this challenge, delivering smarter threat detection that prioritizes genuine risks over background noise. This enhancement directly targets the alert fatigue that plagues modern SOC teams, enabling faster and more accurate incident response.
Recent research highlights the scale of the problem: more than 60% of SOC professionals report being inundated with non-actionable data, and over half of all cloud security alerts are considered false positives. Log360’s redesigned detection framework filters out this clutter, allowing analysts to concentrate on legitimate threats. The platform now offers a centralized detection console, granular rule-tuning options, and more than 1,500 prebuilt detection rules that are cloud-updated in real time.
According to Manikandan Thangaraj, VP at ManageEngine, the real innovation lies not in adding more rules, but in refining their precision. “Security teams don’t need more data, they need better signals,” he explained. “Our reengineered system provides flexible, object-level filtering that goes beyond basic thresholds. Analysts can now suppress benign activity without missing actual compromises, shifting from constant monitoring to targeted threat hunting.”
The upgrade also future-proofs the platform with enterprise-ready architecture, including multi-tier processing, role-based log handling, and centralized multi-site collection. These features ensure that performance remains robust even as log volumes expand.
Early adoption has already demonstrated significant results. Emergency Communications of Southern Oregon (ECSO 911), a Log360 user, reported a 90% reduction in false alerts after implementing the new detection capabilities. As a critical 911 dispatch center, ECSO depends on reliable security to maintain public trust and operational continuity.
Corey Nelson, IT Manager at ECSO 911, emphasized the importance of these improvements: “In our line of work, security failures have immediate real-world impacts. With Log360’s optimized rules and filtering, our team can focus on high-priority threats. We’ve dramatically sped up our detection and response times, which is essential when every second counts.”
Key enhancements in this release include a centralized detection dashboard, advanced object-level filtering, and scalable multi-site architecture, all designed to reduce noise and sharpen focus on true security incidents.
(Source: HelpNet Security)
