December 01, 2009
Here is another case where a product has, perhaps, been a bit mischaracterized as only a SIEM. And, again, the emphasis on forensics is apparent. However, this product accomplishes its magic through log management. The way it defines log management is a bit different than one might expect, though. This is not your father's log manager. It is far more concerned with managing the data in the logs.
Managing data in logs makes one major and important assumption: it does not matter where the data actually resides. What is important is that the device not only sees it, but can make use of it. And that is what LogRhythm does very well. It combines its capabilities with those of other logging systems, such as endpoints, and provides correlation and alerting.
According to the visionary at LogRhythm, log management is alive and well if we are careful how we define it. Our definition must include everything that makes up log management. There is a lot more to log management, for example, than security event logs. There are operations and system logs, as well as any log that operates at what LogRhythm calls the event layer. The recognition that such a definable layer exists - and is addressable and useful - is a major piece of the company's technological innovation.
If you are going to play in a crowded market, you need to differentiate yourself. In the case of LogRhythm that means branding. And branding in this case emphasizes log and event management in a single device, ease of use and rapid time to value. Rapid time to value means lots of out-of-the-box capability, and that has been a major emphasis for LogRhythm. This is a case where technology and go-to-market interact to define a truly innovative company.
Another aspect that the visionary at LogRhythm emphasized is that they do everything from R&D to production in-house, and they have had zero turnover since their inception. These are two major accomplishments in my view, and they have significant effect on the company as an innovator, especially from the standpoint of consistency of vision and execution on that vision.
AT A GLANCE
Flagship product: LogRhythm 5.0
Innovation: Redefining what log management really means
Greatest strength: Seamless integration of technology and market positioning in a completely U.S.-made, developed and supported product
Sign up to our newsletters
SC Magazine Articles
- New SSL/TLS vulnerability, FREAK, puts secure communications at risk
- Report: Majority of health-related websites leak data to third parties
- Researchers investigate link between Axiom spy group, Anthem breach
- Natural Grocers investigating unauthorized access to POS systems
- Spammers leverage DMARC to more successfully distribute ransomware