See our complete list of Top 10 SIEM Products.
Company Description: Founded in 2003, LogRhythm bills itself as the “security intelligence company.” It is privately held.
Product description: LogRhythm unifies SIEM, log management, network and endpoint monitoring and forensics, and security analytics. It incorporates threat lifecycle management, security automation and orchestration (SAO), compliance, and targeted searches that use contextual or unstructured criteria. It includes modules such as Platform Manager, AI Engine, Data Processors, Data Indexers and Data Collectors.
Markets and use cases: In addition to large enterprises, LogRhythm plays well in government agencies, MSSPs and mid-sized businesses. It is said to be a good fit for organizations that want to integrate advanced threat monitoring with SIEM. It has also been designed to be easier to implement for companies with small security teams.
Metrics: LogRhythm’s decentralized architecture is said to make it highly scalable.
Security qualifications: FISMA, GPG13, PCI DSS, the Health Insurance Portability and Accountability Act (HIPAA), NERC CIP, SOx and ISO 27001.
Intelligence: Machine analytics to surface advanced threats. Its risk-based priority algorithm applies risk and threat factors to automatically qualify alarms based on highest risk.
Delivery: Can be deployed as an appliance, software or virtual instance.
Agents: LogRhythm can collect all types of Windows Event Logs with or without the use of an agent. Its agent technology facilitates the aggregation of log data, security events and other machine data. Data Collectors can operate locally or remotely.
Pricing: Subscription pricing is tied to volume consumption. Licensing is also based on a daily (rather than hourly) average of messages per second (MPS).