The massive security breach at
LogRhythm is a vendor offering a range of security features. Its particular focus is on combining a number of traditionally separate components: Security Information and Event Management (SIEM), log management, network forensics and the like. The idea is that all the traffic on an organization’s network, and flowing through its applications, can be analyzed to identify risks early on in the piece. LogRhythm also ticks the compliance box: it offers compliance automation and assurance.
Clearly LogRhythm is a leader in the SIEM space; it has been recognized by Gartner for three years running in its Magic Quadrant reports. But the space is also rapidly changing. New log management and analysis vendors like Splunk, SumoLogic and Loggly have sprouted up in recent years and, while not classing themselves as SIEM vendors in particular, they all do some interesting log analysis work. These companies are also unrestricted by a specific security/SIEM classification: there is a lot of application and network performance work that can happen under a log analysis umbrella. While in theory LogRhythm could also do this, by classifying itself strongly in the security space it lessens its ability to move sideways.
While it is true that with $40M in the bank LogRhythm has gained itself room to move, it seems its attention is elsewhere. The company is making a big show of being the “only independent vendor left in the space”, which indicates that it is either unaware of market dynamics or deluding itself. Either way, here’s hoping that the oversight the funding brings makes it look long and hard at its messaging and product mix.