December 01, 2009
Here is another case where a product has, perhaps, been a bit mischaracterized as only a SIEM. And, again, the emphasis on forensics is apparent. However, this product accomplishes its magic through log management. The way it defines log management is a bit different than one might expect, though. This is not your father's log manager. It is far more concerned with managing the data in the logs.
Managing data in logs makes one major and important assumption: it does not matter where the data actually resides. What is important is that the device not only sees it, but can make use of it. And that is what LogRhythm does very well. It combines its capabilities with those of other logging systems, such as endpoints, and provides correlation and alerting.
According to the visionary at LogRhythm, log management is alive and well if we are careful how we define it. Our definition must include everything that makes up log management. There is a lot more to log management, for example, than security event logs. There are operations and system logs, as well as any log that operates at what LogRhythm calls the event layer. The recognition that such a definable layer exists - and is addressable and useful - is a major piece of the company's technological innovation.
If you are going to play in a crowded market, you need to differentiate yourself. In the case of LogRhythm that means branding. And branding in this case emphasizes log and event management in a single device, ease of use and rapid time to value. Rapid time to value means lots of out-of-the-box capability, and that has been a major emphasis for LogRhythm. This is a case where technology and go-to-market interact to define a truly innovative company.
Another aspect that the visionary at LogRhythm emphasized is that they do everything from R&D to production in-house, and they have had zero turnover since their inception. These are two major accomplishments in my view, and they have significant effect on the company as an innovator, especially from the standpoint of consistency of vision and execution on that vision.
AT A GLANCE
Flagship product: LogRhythm 5.0
Innovation: Redefining what log management really means
Greatest strength: Seamless integration of technology and market positioning in a completely U.S.-made, developed and supported product
Sign up to our newsletters
SC Magazine Articles
- CISO salaries and demand for cyber-skills skyrockets, surprising no-one
- Skype targeted by T9000 backdoor trojan
- Student SSNs exposed in University of Central Florida breach
- Malwarebytes says sorry for multiple AV bugs, still unpatched
- Ransomware and POS attackers to zero in on small businesses, retailers
- Obama goes hard on cybersecurity, new CNAP commits funds, resources
- NSA reorg could strengthen defense ops
- Pro-Palestine hacktivist makes good on threat, posts data on FBI and DHS personnel
- Microsoft's February Patch Tuesday: 13 bulletins addressing 36 vulnerabilities
- Draft Investigatory Powers Bill draws fire from Parliamentary committee