From an original focus on security information and event management (SIEM) and log management technologies, LogRhythm has broadened out its capabilities into a security intelligence platform with the addition of file integrity monitoring, network and host forensics, configuration monitoring, and big data security analytics. It aims to provide its customers with technology to aid compliance automation and assurance, as well as providing greater intelligence over their IT estates and helping with incident detection and response.
The latest additions to its security intelligence platform include SmartResponse automation framework, added in 2013 for automating incidence response capabilities, which was extended with new capabilities in the release of LogRhythm7 in October 2015. In August 2014, it added a threat intelligence ecosystem, which is a collective of threat intelligence from vendors, its threat intelligence security analytics suite to help its customers to identify, analyse and prioritise security incidents, and its honeypot security analytics suite to enable its customers to deploy honeypots to attract opportunistic hackers. In May 2016, it launched upgrades to its Network Monitor product, which offers network monitoring, analytics and forensics for detecting, investigating and mitigating threats such as ransomware, spear phishing and advanced targeted attacks.
The latest version of the Security Intelligence and Analytics platform is LogRhythm7 and was released in October 2015. As well as extensions to SmartResponse, expanded capabilities include its Elasticsearch indexing architectures for searching unstructured data and for managing big data more efficiently. It also offers improved visualisation capabilities and new risk-based scoring algorithms for better prioritisation capabilities.
LogRhythm has offices in the US, Europe, the Middle East and Asia-Pacific and serves customers worldwide, many of which are multinational organisations. Its key vertical markets are banking and finance, retail and hospitality, energy/utilities, higher education and healthcare.
LogRhythm has a wide range of partners. These include service partners such as systems integrators, consultancies and vertical solutions providers, a wide range of technology partners and ecosystem partners from which it takes and receives information flows. Partners in its new threat intelligence ecosystem service currently are CrowdStrike, Norse, Symantec, ThreatStream and Webroot. LogRhythm also has a partnership programme for value-added resellers and MSSPs, for which it has developed a specific platform.
LogRhythm targets Global 2000 organisations, government agencies and mid-sized businesses across the globe. It has a wide range of customer case studies and success stories available from across a range of industries.
The security intelligence platform collects information feeds from a wide range of technology systems, with or without the use of agents. These feeds are collected to a central repository where they are normalised and analysed, using machine learning capabilities that are capable of analysing extremely large big data sets. These analysis capabilities provide intelligence over the network and security stance, creating actionable insight for its customers to help them make better decisions. Its incident response capabilities include SmartResponse, which provides a choice of automated countermeasures according to the context of the incident and its criticality. It has received multiple awards for its technology.
LogRhythm offers a range of professional and technical support services that include help with deployment and ongoing deployment optimisation. Other services include compliance automation, alert optimisation, search and report optimisation, incident response and retail cyber crime. Its customer service and support teams are based in Colorado, although it also has field teams. It offers training courses in its headquarters in the US as well as in the UK, and also has online training options. LogRhythm Labs offers advanced intelligence services in the areas of machine learning, threat intelligence and compliance intelligence to help organisations streamline their operations and incident response.