LogRhythm Web Console Demo 2/1/2023

I had the privilege to interview with the fine folks at LogRhythm in early February 2023. It was a joy to meet Peter McNaul and his staff and cohorts. As I always try to do with every opportunity, I learned a few things about their SIEM platform. I was pleasantly surprised by the ease of use, breadth, and depth of the platform's coverage. Even though I was on a demo of the platform (let's face it, demos are always underpowered and pretty much useless), it was responsive. It never made me wait more than a few seconds to deliver a response to any of the commands I sent to the platform.
The Threat Intelligence feeds seemed very robust, and the ability to implement and correlate with the threat feeds was almost flawless. I didn't get the opportunity to run through a deployment cycle, so I can't speak for the ease of deployment, but whatever it takes, it's well worth it. The system can ingest NetFlow in the cloud without blowing out the cloud elastic storage like some competitors do (AlienVault).
The integrations with third-party security tools and utilities were exceptional. I have only seen three other systems with more integrations than LogRhythm, and they are all costly for the self-managed or Managed Detection and Response versions. Though I won't divulge pricing here, LogRhythm is surprisingly affordable, considering all of the features combined with world-class security functionality, features, and feeds. They also offer a company a monitoring service and training to manage their deployment. You can deploy it in the cloud, on-premise, or via a hybrid solution incorporating both.
My advice... If you are looking for a SIEM for your enterprise, look at LogRhythm! These guys are real players and can compete with the more prominent solutions in the industry from a functionality standpoint and be much easier to use. They can also compete price-wise with their downmarket competitors and annihilate downmarket competition with functionality, correlation, and performance.