
LogRhythm’s 15 year dream realised with revolutionary CloudAI launch

04 Dec 17

Cloud and artificial intelligence (AI) are two of the core aspects driving digital transformation around the world.

Now, LogRhythm has reinvented the definition of security information and event monitoring (SIEM) by merging the two technologies together - you can see the results in Gartner's latest SIEM report.

Chief technology officer, senior vice president of R&D and co-founder of LogRhythm, Chris Peterson says the dream began 15 years ago, based off two fundamental beliefs:

  • Companies and agencies were running blind when it came to detecting advanced threat actors, and nations were leaking data
  • There was a need for holistic machine-based analytics to uncover these advanced threats

The first technology that Peterson and fellow co-founder Phil Villella designed together was the Vector Analysis Engine, built on the theory that if they could model the behavior of user activity, they could identify compromised credentials and users that had gone rogue.

“Our initial work proved the existing class of SIEM solutions was architecturally flawed. To realise our analytics vision, we had to transform the notion of SIEM from a security event correlation technology into a holistic machine data analytics technology,” says Peterson.

“We knew that if we were to have a chance at accurately detecting the evidence of advanced threat actors operating from within the IT environment, we’d need broader forensic visibility and the ability to apply advanced analytics models across 100 percent of that data. So we set out to build a platform that could satisfy these needs.”

Peterson says that today they’ve largely realised their initial vision after building the industry’s leading platform for threat lifecycle management.

“The LogRhythm platform is built on a holistic machine data analytics foundation, able to apply a variety of analytics methods across 100 percent of the data in support of advanced threat detection, and provides security teams with streamlined workflow and automation to enable rapid response to qualified threats and incidents,” says Peterson.

“However, while today we’re a leading innovator in our market, we are far from done. The challenge of detecting 100 percent of threats with 100 percent accuracy is far from solved. To further our realisation of this quest, we have spent the past two years building our next foundational analytics technology: CloudAI.”

Peterson says they constructed CloudAI to further their analytics vision, specifically through the application of AI technologies, such as machine learning (ML).

Essentially, this new technology will streamline every process and ensure that no threat goes undetected. AI-enabled security operations centres (SOCs) will allow security analysts to focus on high-level decisions that require intuition and creativity as your technology outpaces the sophistication and volume of your attackers.

“As a company, we are confident LogRhythm is uniquely positioned to lead this AI technology revolution. Our confidence is based on three factors that are critical for unlocking the promise of AI/ML: data, domain, and data science,” says Peterson.

“First, we live and breathe machine data. Our patented data processing technology unlocks a deep and consistent comprehension of machine data for over 800 types of technologies. Data quality is ingredient no. 1 for AI/ML success.”

Peterson says the company, through its engineering and threat research teams, has profound domain knowledge when it comes to detecting threats through holistic analytics methods.

“Last, we have the data science. Data science was our origin 15 years ago, and since then, we have built an incredibly talented team of data scientists focused on our customer mission,” says Peterson.

“With the introduction of CloudAI, we further unlock our expertise in the realm of data science for the benefit of our customers and the market.”

Peterson says LogRhythm's initial application of CloudAI will serve to enhance their existing User Entity & Behavioral Analytics (UEBA) offering through deeper behavioural modeling of user activity, with a combination of supervised and unsupervised machine learning.

“We are excited to see our UEBA customers benefit from CloudAI, realising additional simplicity, acceleration, and accuracy when it comes to the detection of user-based threats,” says Peterson.

“With today’s launch of CloudAI, we are immensely proud and excited to be taking yet another innovative step forward towards our vision of delivering the AI-enabled SOC.”
