TL;DR: Cyberthreats are constantly shifting. Businesses need to stay proactive to protect their infrastructure from emerging attack vectors. LogRhythm provides a cybersecurity platform to help users detect, investigate, and respond to threats with effective incident response. Its self-hosted and cloud-native solutions allow teams to get a clear and complete view of their environment while protecting their data. We spoke with Kevin Kirkwood, Deputy CISO of LogRhythm, about the platform, its capabilities, and how its team stays agile in an ever-evolving threat landscape.
Thanks to digital transformation, modern businesses are technology businesses as well. Tech has become a mainstay and companion to most businesses, from small-town bakeries to big-city conglomerates.
Although tech offers unparalleled benefits, it also has its pitfalls. If users aren’t prepared, they can get burned by its effects, and cyberattacks are the primary negative. Tech has entered every industry, but that doesn’t mean every industry has the tools and know-how to navigate it.
Here is where a company like LogRhythm comes in. LogRhythm offers threat defense and out-of-the-box capabilities to help businesses establish a solid cybersecurity infrastructure. Whether you have a legacy system or cloud hosting, LogRhythm has a security solution to fit your needs.
“We have a wealth of tools. We’ve got LogRhythm SIEM, our on-prem solution, and LogRhythm Axon, our cloud-native solution. And we constantly stay up-to-date on what’s happening on the front. So we’re constantly refreshing our skills for our own environment and threat hunting,” said Kevin Kirkwood, Deputy CISO at LogRhythm.
LogRhythm’s platform and security operations services simplify security for the average business owner and meet the needs of more robust systems. LogRhythm’s services enable users to detect, investigate, and respond to cyberthreats with confidence while protecting critical data.
A Cybersecurity Solution for Everyone
Founded in 2003, LogRhythm is a veteran in the cybersecurity game. Cyberthreats and cyberattacks have evolved over the years, and LogRhythm has always stayed two steps ahead to help its customers safeguard their infrastructure from bad actors.
“The problem most companies face is they don’t start with a technology plan and a vision of what they’re trying to accomplish. So they come in and say, I need a new X solution without thinking about the steps to get there,” said Kevin.
Kevin told us that the age of hardware doesn’t negate the possibility of vulnerabilities and attacks. Both legacy hardware and newer systems can suffer similar fates. LogRhythm solutions help customers get on the right path with cybersecurity practices and measures. Users can choose from its cloud-native SaaS platform, LogRhythm Axon, or self-hosted platform, LogRhythm SIEM.
LogRhythm’s solutions equip users with the tools and capabilities to uncover threats, centralize their observability and security analytics, and streamline their incident response workflow. Kevin said if businesses don’t adapt, they will become more susceptible to evolving threats in the long term.
LogRhythm positions customers to remain agile in the face of shifting cyberthreats, starting with the development process. “Our LogRhythm Axon product is doing true DevSecOps. We’ve shifted security as far into the development process as you possibly can. You can run scans in GitHub and get results back that will make sense to a developer,” said Kevin.
LogRhythm Axon allows users to detect vulnerabilities faster and fix them as they occur for better testing and value. LogRhythm’s extensive set of analytics rules also helps safeguard companies from common and new attack vectors with automated incident response.
How the Cloud Elevates Security for Businesses
LogRhythm’s SaaS platform, LogRhythm Axon, is entirely cloud-native. Leveraging the cloud has enabled LogRhythm to integrate the cloud’s most effective capabilities in its cybersecurity strategy, starting with its Software-as-a-Service format.
“We take on the majority of the platform security, so it moves itself. It shifts that responsibility significantly, but it doesn’t remove the responsibility of data protection. The cloud also enables us to take advantage of scalability,” said Kevin.
Kevin told us that LogRhythm uses AWS to power its SaaS platform. Although LogRhythm has a shared responsibility for security, customers can leverage its web API to manage their data. They can use this API to pull data into their instances and analyze it from the LogRhythm Axon platform.
“Users can send specific types of data elements into their security platform and incidents with this cloud-native product. That doesn’t mean you can’t do that on-prem. But the difference is that you’re carrying the cost associated with pulling data into your environment, as opposed to having it in the cloud with that flexibility,” said Kevin.
Leveraging its cloud platform allows users to stay fresh and agile without worrying about menial infrastructure tasks. LogRhythm takes on the brunt of platform security and infrastructure maintenance so users can focus on the more important things and accelerate development.
“We’re succeeding and moving so much faster in the cloud environment. On-prem, you must stage up and take downtime to do an update. With Software-as-a-Service, you inject new code, it flows into your system, and you can take advantage of it within an hour to an hour and a half after,” said Kevin.
Stay Agile: A Marriage of Constant Learning and Application
The LogRhythm team has racked up decades of experience and cybersecurity knowledge since 2003. And the team is committed to the path of lifelong learning. After all, to survive in this digital landscape, you must constantly investigate and learn to catch emerging threats and attack vectors.
“Threat vectors change constantly. So we will investigate to identify the things we should worry about or that are benign. That marriage between constantly learning and constantly applying is critical and keeps the team focused,” said Kevin.
Kevin told us cybersecurity companies should all have that mindset, or they will fall behind. This is why LogRhythm only hires individuals with specific skill sets and mindsets who prioritize lifelong learning. The LogRhythm team looks at various sources to stay up to date, including threat intelligence, trends, and internal environments. It also runs different in-house activities.
“Capture the Flag is like a microcosm of threat hunting and the challenges that we face in the industry on a daily basis. If you don’t use your skills on a constant basis, you will lose them. So Capture the Flag helps keep the knife edge sharp,” said Kevin.
Besides its agility-focused culture, LogRhythm has also made changes to its road map. It recently made a deal with SOC Prime, a cyber defense platform, to leverage and integrate its Sigma rules into the LogRhythm Axon platform. This will allow LogRhythm to develop rules and fine-tune them on the fly. The team is also thinking about integrating AI into the platform.
“We’re looking at artificial intelligence and machine learning at a couple of different layers. I think artificial intelligence will be an enabler for the security industry. Our foes are already using it, so we need to get at least on a par with them,” said Kevin.