December 01, 2009
Here is another case where a product has, perhaps, been a bit mischaracterized as only a SIEM. And, again, the emphasis on forensics is apparent. However, this product accomplishes its magic through log management. The way it defines log management is a bit different than one might expect, though. This is not your father's log manager. It is far more concerned with managing the data in the logs.
Managing data in logs makes one major and important assumption: it does not matter where the data actually resides. What is important is that the device not only sees it, but can make use of it. And that is what LogRhythm does very well. It combines its capabilities with those of other logging systems, such as endpoints, and provides correlation and alerting.
According to the visionary at LogRhythm, log management is alive and well if we are careful how we define it. Our definition must include everything that makes up log management. There is a lot more to log management, for example, than security event logs. There are operations and system logs, as well as any log that operates at what LogRhythm calls the event layer. The recognition that such a definable layer exists - and is addressable and useful - is a major piece of the company's technological innovation.
If you are going to play in a crowded market, you need to differentiate yourself. In the case of LogRhythm that means branding. And branding in this case emphasizes log and event management in a single device, ease of use and rapid time to value. Rapid time to value means lots of out-of-the-box capability, and that has been a major emphasis for LogRhythm. This is a case where technology and go-to-market interact to define a truly innovative company.
Another aspect that the visionary at LogRhythm emphasized is that they do everything from R&D to production in-house, and they have had zero turnover since their inception. These are two major accomplishments in my view, and they have significant effect on the company as an innovator, especially from the standpoint of consistency of vision and execution on that vision.
AT A GLANCE
Flagship product: LogRhythm 5.0
Innovation: Redefining what log management really means
Greatest strength: Seamless integration of technology and market positioning in a completely U.S.-made, developed and supported product
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- Vulnerabilities identified in three Advantech products
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard