Overall Satisfaction with LogRhythm
LogRhythm is used throughout our organization and managed by the Information Security department.
We collect logs from many systems that are important to managing our security infrastructure.
These include all of our security systems (FW, IPS, Endpoint protection), all of our AAA systems (LDAP, RADIUS, Active Directory), as well as systems that contain data of concern.
- Central Management and storage of logs
- Parses all logs into a readable format
- Correlates events from various systems to provide a consolidated view of activity
- Alerts and alarms on various events of possible concern
- Reports should be available in the Web Console
- Detail contained in Alarms should be configurable to provide more or less information as applicable
- Cases in the case management module should allow investigation playbook templates
- Our ROI has been positive; we have improved our ability to investigate incidents
- We have also used LogRhythm to be able to block attacks in progress based on the real time alerting
- LogRhythm has improved our posture in terms of security framework and significantly improved our score as measured by alignment with NIST CSF framework
- In our last completed Pen Test engagement we caught the Pen testers 5 times in the course of their objectives
- We used to use SolarWinds LEM, but we outgrew it
We did an RFP and evaluated several SIEM vendors. LogRhythm ended up being a very clear choice when compared with the other vendors.
In this RFP we invited all vendors that were in the leaders category of the Gartner magic quadrant for SIEM.