December 01, 2009
Here is another case where a product has, perhaps, been a bit mischaracterized as only a SIEM. And, again, the emphasis on forensics is apparent. However, this product accomplishes its magic through log management. The way it defines log management is a bit different than one might expect, though. This is not your father's log manager. It is far more concerned with managing the data in the logs.
Managing data in logs makes one major and important assumption: it does not matter where the data actually resides. What is important is that the device not only sees it, but can make use of it. And that is what LogRhythm does very well. It combines its capabilities with those of other logging systems, such as endpoints, and provides correlation and alerting.
According to the visionary at LogRhythm, log management is alive and well if we are careful how we define it. Our definition must include everything that makes up log management. There is a lot more to log management, for example, than security event logs. There are operations and system logs, as well as any log that operates at what LogRhythm calls the event layer. The recognition that such a definable layer exists - and is addressable and useful - is a major piece of the company's technological innovation.
If you are going to play in a crowded market, you need to differentiate yourself. In the case of LogRhythm that means branding. And branding in this case emphasizes log and event management in a single device, ease of use and rapid time to value. Rapid time to value means lots of out-of-the-box capability, and that has been a major emphasis for LogRhythm. This is a case where technology and go-to-market interact to define a truly innovative company.
Another aspect that the visionary at LogRhythm emphasized is that they do everything from R&D to production in-house, and they have had zero turnover since their inception. These are two major accomplishments in my view, and they have a significant effect on the company as an innovator, especially from the standpoint of consistency of vision and execution on that vision.
AT A GLANCE
Flagship product: LogRhythm 5.0
Innovation: Redefining what log management really means
Greatest strength: Seamless integration of technology and market positioning in a completely U.S.-made, developed and supported product