
LogRhythm’s 15 year dream realised with revolutionary CloudAI launch

04 Dec 17

Cloud and artificial intelligence (AI) are two of the core aspects driving digital transformation around the world.

Now, LogRhythm has reinvented the definition of security information and event monitoring (SIEM) by merging the two technologies together - you can see the results in Gartner's latest SIEM report.

Chief technology officer, senior vice president of R&D and co-founder of LogRhythm, Chris Peterson says the dream began 15 years ago, based on two fundamental beliefs:

  • Companies and agencies were running blind when it came to detecting advanced threat actors, and nations were leaking data
  • There was a need for holistic machine-based analytics to uncover these advanced threats

The first technology that Peterson and fellow co-founder Phil Villella designed together was the Vector Analysis Engine, built on the theory that if they could model the behavior of user activity, they could identify compromised credentials and users that had gone rogue.

“Our initial work proved the existing class of SIEM solutions was architecturally flawed. To realise our analytics vision, we had to transform the notion of SIEM from a security event correlation technology into a holistic machine data analytics technology,” says Peterson.

“We knew that if we were to have a chance at accurately detecting the evidence of advanced threat actors operating from within the IT environment, we’d need broader forensic visibility and the ability to apply advanced analytics models across 100 percent of that data. So we set out to build a platform that could satisfy these needs.”

Peterson says that today they’ve largely realised their initial vision after building the industry’s leading platform for threat lifecycle management.

“The LogRhythm platform is built on a holistic machine data analytics foundation, able to apply a variety of analytics methods across 100 percent of the data in support of advanced threat detection, and provides security teams with streamlined workflow and automation to enable rapid response to qualified threats and incidents,” says Peterson.

“However, while today we’re a leading innovator in our market, we are far from done. The challenge of detecting 100 percent of threats with 100 percent accuracy is far from solved. To further our realisation of this quest, we have spent the past two years building our next foundational analytics technology: CloudAI.”

Peterson says they constructed CloudAI to further their analytics vision, specifically through the application of AI technologies, such as machine learning (ML).

Essentially, this new technology will streamline every process and ensure that no threat goes undetected. AI-enabled security operations centres (SOCs) will allow security analysts to focus on high-level decisions that require intuition and creativity as your technology outpaces the sophistication and volume of your attackers.

“As a company, we are confident LogRhythm is uniquely positioned to lead this AI technology revolution. Our confidence is based on three factors that are critical for unlocking the promise of AI/ML: data, domain, and data science,” says Peterson.

“First, we live and breathe machine data. Our patented data processing technology unlocks a deep and consistent comprehension of machine data for over 800 types of technologies. Data quality is ingredient no. 1 for AI/ML success.”

Peterson says the company's engineering and threat research teams have profound domain knowledge when it comes to detecting threats through holistic analytics methods.

“Last, we have the data science. Data science was our origin 15 years ago, and since then, we have built an incredibly talented team of data scientists focused on our customer mission,” says Peterson.

“With the introduction of CloudAI, we further unlock our expertise in the realm of data science for the benefit of our customers and the market.”

Peterson says LogRhythm's initial application of CloudAI will serve to enhance their existing User Entity & Behavioral Analytics (UEBA) offering through deeper behavioural modeling of user activity, with a combination of supervised and unsupervised machine learning.

“We are excited to see our UEBA customers benefit from CloudAI, realising additional simplicity, acceleration, and accuracy when it comes to the detection of user-based threats,” says Peterson.

“With today’s launch of CloudAI, we are immensely proud and excited to be taking yet another innovative step forward towards our vision of delivering the AI-enabled SOC.”
