SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

#
SaaS
#
Firewalls
#
Ransomware

Video: 10 Minute IT Jams - Who is LogRhythm?

Thu, 22nd Oct 2020
FYI, this story is more than a year old
Author image
By Nick Forrester, Senior News Editor

Cybersecurity company LogRhythm is on a mission to empower IT and security analysts in an increasingly complex threat landscape. With its roots dating back almost 20 years, the company has made continuous innovation central to its ethos, now serving clients globally from its US headquarters and regional operations around the world, including the Asia-Pacific region.

Simon Howe, Vice President of Sales for APAC at LogRhythm, described the company's core offering in an interview. "Fundamentally, our role is to provide organisations with pervasive visibility to security activity across the network and to allow rapid detection and response to threats," he said.

LogRhythm's Security Information and Event Management (SIEM) platform sits at the heart of its technology, combining log management, behavioral analytics, orchestration, automation, and more. "Think of LogRhythm as the engine, the technology engine that's powering a SOC, or a security operations capability," Howe explained. "It's the threat detection, the threat investigation and hunting, incident response, SOC management. And we're all focused - one of the key principles in LogRhythm is, how do we do that in the most efficient way possible?"

Efficiency, Howe emphasised, is not simply about technology prowess. It's about making expert analysts as effective as possible, allowing lean security teams to achieve maximum impact. "How can we enable a lean team to achieve that outcome by driving more of the functionality into the technology itself?" he said.

Recent years have seen significant advances in the product range, including a fully software-as-a-service (SaaS) offering dubbed LogRhythm Cloud. Howe said this was a "logical but recent innovation," establishing flexible deployment models ranging from physical appliances to private and public cloud solutions.

Importantly, the latest version of the platform, Version 7.5, delivers enhanced workflow functionality and improved visualisations for analysts. "And probably, a key area that I would call out is, in a lot of environments today the data that we're collecting is from hybrid environments," Howe told us. With many organisations now operating a mix of on-premise, hosted, and extensive cloud-based systems, making sense of disparate, unstructured log data has become a technical challenge.

To address this, Howe pointed to the introduction of the Open Collector feature, which is based on the open-source Elastic Beats. "It enables you to ingest any unstructured log format - JSON is a good example," he said. "That just opens up and ensures that we can provide visibility throughout that cloud-based vector as well."

Aside from hard technology, LogRhythm is increasingly focused on fostering its user community as a resource in its own right. "LogRhythm Community is increasingly becoming a forum that our customers and partners are leveraging and relying on to share additional information, share updates that they provided, new dashboards," Howe explained. "It's a forum for us to share that data, but also for customers and partners to share developments that they've implemented themselves."

Looking ahead, Howe said much of LogRhythm's current product development is laser-focused on further integrating Security Orchestration, Automation, and Response (SOAR) functionality directly into the SIEM platform. "Think of SOAR as, finally, we're getting the product to do something for itself," he said. "It's a little bit like your car putting the brakes on for you if you are heading straight for a lamp post. This is now about the platform actually taking actions based on its own intelligence."

Such automation could involve automatically containing an endpoint displaying ransomware-like behaviour, disabling unauthorised services, or shutting down accounts linked to suspicious activity. This efficiency is vital, said Howe, as organisations battle with "stretched resources, the lean teams, [and] the lack of cyber expertise."

"What analysts you do have, you want them focused on the critical tasks," Howe said. "SOAR, in terms of its application in the LogRhythm platform, is all about taking away those mundane tasks and having the analysts focused on the critical elements."

Adaptation to the modern digital workplace involves more than just conventional IT infrastructure. Howe underscored the growing challenge of protecting operational technology (OT), a traditional blind spot now increasingly targeted by cybercriminals. "Operational technologies, obviously I think we're well aware of the increasing encroachment of cyber threat and activity into that arena. That's an important focus for us, in terms of developing use cases within that OT environment as well," he noted, adding that, "It's a particularly interesting area as well in terms of some of the funky use cases that have developed there."

For clients not wishing to directly operate their own security platforms, LogRhythm has also architected its technology to support managed services and multi-tenancy, making it particularly suitable for managed security service providers (MSSPs). "A customer is taking on a managed service, and so the LogRhythm platform, multi-tenancy from the ground up natively, very much suits that MSSP scenario as well," Howe said.

In Australia and New Zealand, LogRhythm's local presence has grown significantly from humble beginnings seven years ago. Howe recalled, "More than we had seven years ago because that was pretty much just me." Now, LogRhythm boasts sales and technical teams based in Sydney and Melbourne, as well as professional services and a connection to the company's regional Asian hub in Singapore, which provides extensive technical support and marketing resources. "We're obviously operating a follow-the-sun approach with support," he added.

When asked how prospective partners or enterprise users might engage, Howe said responsiveness is a key cultural value at LogRhythm, not just in technology but in people. He encouraged direct contact through a variety of channels, including partner networks and social media. "We pride ourselves on rapid response in the platform, but obviously as an organisation as well. Use the socials - LinkedIn, Twitter - you should find me very easily on there or any of our team," Howe said. "Plenty of resources to support you, and we welcome the interest. Any time, we look forward to hearing from folks."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
A managed protection service suite empowers MSPs to scale their businesses effectively
“Missed package?” Scam fooling thousands
Japan enacts Active Cyber Defense Law to neutralise threats
New secure data centre Mātai opens at RNZAF Base Auckland
Hundreds of printers at risk after security flaws uncovered

Top stories

AI agents revolutionise business & cybersecurity with automation
HCLTech partners with OpenAI to drive enterprise AI adoption
KnowBe4 launches free self-assessment to boost security culture
AI Expert Advisory Panel to shape public sector use in New Zealand
Browser AI agents seen as bigger security risk than employees