LogRhythm, a security intelligence and analytics platform provider, has released a cloud version of its NextGen Security Information and Event Management (SIEM) platform.
Organizations and MSSPs (managed security services providers) can use the new release, LogRhythm Cloud, to detect and neutralize cyber threats across their global security operations centers (SOCs), LogRhythm said. They also can leverage various security orchestration, automation and response (SOAR) capabilities.
Cloud-based SIEM has earned multiple headlines in recent weeks. Among the highlights:
- Sumo Logic raised $110 million in a funding round led by investment firm Battery Ventures.
- Rival SIEM provider Exabeam raised $75 million earlier this month.
Private equity firm Thoma Bravo acquired LogRhythm in 2018. At the time, more than 2,500 enterprise customers were leveraging LogRhythm’s SIEM offerings. On a somewhat related note, Thoma Bravo also owns or has invested in a lengthy list of MSP-friendly software companies -- particularly ConnectWise, Continuum and SolarWinds.
SOAR Research Trends
LogRhythm's SOAR capabilities could be particularly interesting to MSSPs, many of which are exploring new ways to automate their SOCs.
A recent survey of LogRhythm customers revealed 33 percent of respondents said they have adopted SOAR products. Furthermore, LogRhythm last year incorporated the following SOAR capabilities into its NextGen SIEM Platform version 7.4 release:
- Automated Response Actions: Include over 100 automated and semi-automated response actions available via LogRhythm's community website; these actions drive cyber threat identification and remediation.
- Case Playbooks: Provide procedures for security analysts; case playbooks combine process methodology, senior security analyst knowledge and security best practices and can be integrated into third-party incident response systems and runbooks.
- SOC Metrics: Enable security teams to collect and view metrics from their LogRhythm deployments to analyze mean time to detect (MTTD) and mean time to respond (MTTR) to cyber threats.
SOAR products were used by less than 1 percent of security organizations with five or more security professionals last year, technology research firm Gartner stated. However, the adoption rate of SOAR products among these organizations is projected to reach 15 percent by 2020 and likely will continue to increase in the years to come.
LogRhythm: Partner Strategy?
Key LogRhythm partners include such major IT consulting firms as Deloitte’s Canada win. The firm has a managed threat service that leverages LogRhythm’s Threat Lifecycle Management (TLM) technology, according to a mid-2017 announcement from both firms.
LogRhythm has been quiet on the partner front over the past year or so, but we're poking around for updates.
Additional insights from Joe Panettieri.