Security Operations, Channel partners, Content

LogRhythm Releases Cloud SIEM Platform

Credit: LogRhythm
Twitter: @LogRhythm
Twitter: @LogRhythm

LogRhythm, a security intelligence and analytics platform provider, has released a cloud version of its NextGen Security Information and Event Management (SIEM) platform.

Organizations and MSSPs (managed security services providers) can use the new release, LogRhythm Cloud, to detect and neutralize cyber threats across their global security operations centers (SOCs), LogRhythm said.  They also can leverage various security orchestration, automation and response (SOAR) capabilities.

Cloud-based SIEM has earned multiple headlines in recent weeks. Among the highlights:

Private equity firm Thoma Bravo acquired LogRhythm in 2018. At the time, more than 2,500 enterprise customers were leveraging LogRhythm’s SIEM offerings. On a somewhat related note, Thoma Bravo also owns or has invested in a lengthy list of MSP-friendly software companies -- particularly ConnectWise, Continuum and SolarWinds.

SOAR Research Trends

LogRhythm's SOAR capabilities could be particularly interesting to MSSPs, many of which are exploring new ways to automate their SOCs.

A recent survey of LogRhythm customers revealed 33 percent of respondents said they have adopted SOAR products. Furthermore, LogRhythm last year incorporated the following SOAR capabilities into its NextGen SIEM Platform version 7.4 release:

  • Automated Response Actions: Include over 100 automated and semi-automated response actions available via LogRhythm's community website; these actions drive cyber threat identification and remediation.
  • Case Playbooks: Provide procedures for security analysts; case playbooks combine process methodology, senior security analyst knowledge and security best practices and can be integrated into third-party incident response systems and runbooks.
  • SOC Metrics: Enable security teams to collect and view metrics from their LogRhythm deployments to analyze mean time to detect (MTTD) and mean time to respond (MTTR) to cyber threats.

SOAR products were used by less than 1 percent of security organizations with five or more security professionals last year, technology research firm Gartner stated. However, the adoption rate of SOAR products among these organizations is projected to reach 15 percent by 2020 and likely will continue to increase in the years to come.

LogRhythm: Partner Strategy?

Key LogRhythm partners include such major IT consulting firms as Deloitte’s Canada win. The firm has a managed threat service that leverages LogRhythm’s Threat Lifecycle Management (TLM) technology, according to a mid-2017 announcement from both firms.

LogRhythm has been quiet on the partner front over the past year or so, but we're poking around for updates.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.