December 01, 2009
Here is another case where a product has, perhaps, been a bit mischaracterized as only a SIEM. And, again, the emphasis on forensics is apparent. However, this product accomplishes its magic through log management. The way it defines log management is a bit different from what one might expect, though. This is not your father's log manager. It is far more concerned with managing the data in the logs.
Managing data in logs makes one major and important assumption: it does not matter where the data actually resides. What is important is that the device not only sees it, but can make use of it. And that is what LogRhythm does very well. It combines its capabilities with those of other logging systems, such as endpoints, and provides correlation and alerting.
According to the visionary at LogRhythm, log management is alive and well if we are careful how we define it. Our definition must include everything that makes up log management. There is a lot more to log management, for example, than security event logs. There are operations and system logs, as well as any log that operates at what LogRhythm calls the event layer. The recognition that such a definable layer exists - and is addressable and useful - is a major piece of the company's technological innovation.
If you are going to play in a crowded market, you need to differentiate yourself. In the case of LogRhythm that means branding. And branding in this case emphasizes log and event management in a single device, ease of use and rapid time to value. Rapid time to value means lots of out-of-the-box capability, and that has been a major emphasis for LogRhythm. This is a case where technology and go-to-market interact to define a truly innovative company.
Another aspect that the visionary at LogRhythm emphasized is that they do everything from R&D to production in-house, and they have had zero turnover since their inception. These are two major accomplishments in my view, and they have a significant effect on the company as an innovator, especially from the standpoint of consistency of vision and execution on that vision.
AT A GLANCE
Flagship product: LogRhythm 5.0
Innovation: Redefining what log management really means
Greatest strength: Seamless integration of technology and market positioning in a completely U.S.-made, developed and supported product