ManageEngine has rolled out substantial enhancements to its unified security solution, Log360, aimed at reducing the volume of false alarms faced by security operations centre teams. The upgraded detection system introduces over 1,500 prebuilt, cloud-delivered detection rules mapped to MITRE ATT&CK and SIGMA frameworks, along with advanced filtering and prioritisation features.

The alert fatigue that has long plagued SOC analysts is being addressed through a reengineered detection architecture that centralises all detection content-rules, correlation logic, user and entity behaviour analytics, and threat intelligence-into a unified console. Object-level filters give granular control over Active Directory users, groups, and organisational units, meaning teams can suppress noise while keeping an eye on high-value identities. Role-specialised log processing and a multi-tier architecture have been introduced to ensure performance scales in large, distributed enterprise environments.

According to a 2025 Threat Intelligence Benchmark study commissioned by Google, over 60% of SOC teams are overwhelmed with irrelevant threat data and more than half of cloud-security alerts are noise. ManageEngine's improvements seek to shift the balance: instead of merely collecting more data, SOCs will now have tools to focus on high-confidence signals.

The enhancements were validated through beta testing at Emergency Communications of Southern Oregon 911, a combined dispatch and emergency response centre. The organisation reported about a 90% reduction in false or low-priority alerts, significantly speeding up detection-to-response cycles and enabling analysts to devote attention to bona fide threats.

Key new features include the unified detection pane, the cloud-delivered rule-update capability, and advanced rule-tuning options. ManageEngine has also emphasised continuous delivery of threat detection content, ensuring threat coverage keeps pace with evolving attack methods.

MENAFN12102025000152002308ID1110184388