WINNER - Best SIEM Solution: LogRhythm

LogRhythm’s fully cloud-based NextGen SIEM is described by our judges as “providing all tools required, providing SMEs with a cost efficient entry to SIEM. The SOAR capabilities, extensive data collectors and with no programming or coding required, provides access to key investigations by non-technical personnel.” In addition, they noted how the platform had “good awareness of the rapidly emerging complexity we see,” and that its range of capabilities “demonstrate why the platform is a leader in SIEM.”

The platform is intended to allow organisations to detect, respond to and neutralise cyber-threats before they become damaging breaches; recognise high-risk activities while appropriately prioritising less critical activities, and orchestrate and automate security response processes; achieve visibility and the ability to corroborate indicators of compromise across attack surfaces to reduce false positives and negatives; and enable a seamless workflow for effective and consistent threat management and regulatory compliance.

A fixed-cost licensing model means businesses don’t have to sacrifice security because of cost unpredictability. LogRhythm’s Machine Data Intelligence (MDI) fabric supports 850+ systems, devices, and applications, transforming captured log and audit data and adding critical contextual data to it, optimally preparing it for downstream search or machine analytics. Embedded SOAR capabilities drive greater efficiency in threat response and mitigation with a proprietary, integrated UX.

Highly Commended

Rapid7 InsightIDR aims to help analysts work more efficiently and recognise immediate ROI through lightweight cloud deployment, a heritage of user behaviour analytics, a rich security and threat intelligence community, and a commitment to understanding and addressing the challenges of today’s complex (often hybrid) environments. Our judges said the offering does indeed deliver “Immediate value and efficiency gains” for customers. They noted how the offering “combines SIEM, UBA, EDR, and FIM in a single solution,” that it features “a comprehensive set of tools,” and that “automation provides true 24/7 monitoring and protection.” Rapid7 was described as having a “Strong understanding of customer needs, modern tech challenges, and how to leverage a wide range of services” while featuring “quick and scalable deployment.”

Shortlisted

Exabeam

Securonix

Sumo Logic