ManageEngine re-engineers detection to strengthen Unified Security Platform

Manikandan Thangaraj, Vice President of Program Management at ManageEngine

ManageEngine, a division of Zoho Corporation and a leading provider of enterprise IT management, has announced that Log360, its security information and event management (SIEM) solution, has been strengthened with a re-engineered threat detection approach. This is a major enhancement aimed at addressing the needs of modern-day security operations center (SOC) teams.

ManageEngine is part of the same company as Zoho and is actually the older of the two: its first product came out in 2002, while Zoho’s first came out in 2005. The company that owns both was eventually named Zoho Corporation because Zoho had become the better-known brand. The difference between them is that ManageEngine focused on the IT organization, while Zoho targeted business users in organizations.

The company, regardless of its name, has been having SOC issues. Over 60% of SOC teams are overwhelmed with irrelevant threat data. In fact, a majority (53%) of security alerts can be considered noise, according to the 2025 Benchmark study commissioned by Google. ManageEngine’s latest release bolsters Log360’s position as a unified security platform by filtering out the security alert noise, thereby enabling faster triage and reducing burnout issues faced by security analysts.

“The biggest challenge for security teams today isn’t collecting data — it’s separating genuine signals from overwhelming noise,” said Manikandan Thangaraj, Vice President of Program Management at ManageEngine. “We’ve re-engineered our detection system to not just build more complex rules, but to deliver true efficiency and empower SOCs with flexible, granular rule-tuning capabilities that go beyond simple thresholds.”

In addition, ManageEngine Log360 Cloud is a unified cloud SIEM solution with integrated capabilities.

“With this advancement, SOC analysts can filter out benign noise without sacrificing the ability to catch a true compromise,” Thangaraj stated. “This shifts our focus to a targeted pursuit of genuine threats — ensuring we’re effectively protecting and not just monitoring twenty-four seven.”

The new capabilities include a centralized detection console, object-level rule filters, and over 1,500 prebuilt detection rules that are continuously delivered and updated from the cloud. This upgrade also lays the foundation for enterprise-grade scalability — with a multi-tier architecture, role-specialized log processing, and centralized multi-site collection — ensuring performance and resilience as data sources and log volumes grow.

“Being simple without compromising on the capabilities is our key differentiator,” Thangaraj noted. “While the market sees SIEM solutions as complex and high-maintenance, ManageEngine offers SIEM capabilities in a quick-to-deploy and easy-to-maintain architecture.”

Log360 has had its detection re-engineered, with a new unified detection console that consolidates all detection content—including MITRE ATT&CK-aligned rules, correlation logic, user and entity behavior analytics (UEBA) insights, and threat intel feeds—into a single pane of glass. Security teams can create standard, anomaly-based, or advanced detection rules through an interactive UI, without writing complex queries. Object-level filters across Active Directory users, groups, and OUs ensure that high-value identities are continuously monitored while suppressing low-priority noise.

“Teams that use SIEM should focus on constantly maintaining and customizing the SIEM to their environment for effective utilization,” Thangaraj stated. “They must learn the options their vendor provides to fortify their defenses against the evolving threats.”

More than 1,500 prebuilt rules now cover a wide range of use cases from privilege escalation and lateral movement to endpoint tampering and attacks. These rules are researched, curated, and tested by ManageEngine’s in-house threat team to ensure accuracy and low false positives, and are delivered through a cloud-based update mechanism so users always stay current.

Log360’s architecture enhancements enable horizontal scalability with log processor clusters and role-based processing (correlation, enrichment, alerting) — as well as centralized collection from distributed sites — ensuring performance continuity even in large, geographically distributed enterprises.

“The market is set for expansion, but MSSPs have to assure their clients that data segregation and security are ensured continually,” Thangaraj concluded.

Register for the launch session scheduled on September 30, 2025, at https://mnge.it/8gM