TechValidate Research on LogRhythm

46 Case Studies – Page 1 of 2


Research by TechValidate

Case Study: S&P 500 Transportation Services Company Bolsters Security with LogRhythm

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Operating systems / servers
    • Custom applications
    • Commercial applications
    • Databases
    • Virtual and/or cloud-based environments
  • Installed LogRhythm and began collecting data in < 8 hours.
  • Has LogRhythm collecting data from 101-500 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Stolen or compromised credentials
    • External hacking attempts
    • Compromised hosts
    • Improper access/use of confidential data
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: significantly faster
    • Compliance violations: faster
    • Operational issues: significantly faster
  • Describes their security posture as much stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • McAfee/NitroSecurity
    • Trigeo/Solarwinds, Spiceworks

Source:

TechValidate survey of an S&P 500 Transportation Services Company




Case Study: State & Local Government Improves Their Security Posture With LogRhythm

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Identity management and access control systems
    • Custom applications
    • Commercial applications
    • Databases
    • Virtual and/or cloud-based environments
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 1,001-5,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • External hacking attempts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: significantly faster
    • Compliance violations: faster
    • Operational issues: faster
  • Describes their security posture as stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • IBM/Q1 Labs
    • McAfee/NitroSecurity
    • Splunk

Source:

TechValidate survey of a State & Local Government




Case Study: State & Local Government Detects Malware & External Hacking Attempts

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Databases
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 1,001-5,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: faster
    • Operational issues: faster
  • Describes their security posture as stronger since implementing LogRhythm.

Source:

TechValidate survey of a State & Local Government




ABC Financial Services, Inc. Improves Privileged User Monitoring

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Identity management and access control systems
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 101-500 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
    • Improper access/use of confidential data
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: faster
    • Compliance violations: faster
    • Operational issues: significantly faster
  • Selected LogRhythm over the following products:
    • IBM/Q1 Labs
    • Splunk

Source:

AJ Smith, Security Officer, ABC Financial Services, Inc.




Case Study: Enterprise Insurance Company Prevents External Hacking Attempts and Malware

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Custom applications
    • Databases
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 1,001-5,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
    • Compromised hosts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: significantly faster
    • Compliance violations: significantly faster
    • Operational issues: significantly faster
  • Describes their security posture as much stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • Splunk
    • RSA enVision
    • NetIQ/Novell Sentinel

Source:

TechValidate Survey of a Medium Enterprise Insurance Company




Enterprise Insurance Company Detects/Prevents Improper Access to Confidential Data

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, and antivirus software
    • Operating systems/servers
    • Network devices
    • Identity management and access control systems
  • Installed LogRhythm and began collecting data in < 8 hours.
  • Has LogRhythm collecting data from 101-500 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Compromised hosts
    • Improper access/use of confidential data
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: Faster
    • Compliance violations: Faster
  • Describes their security posture as stronger since implementing LogRhythm.

Source:

TechValidate Survey of a Large Enterprise Insurance Company




Firstmark Credit Union Differentiates LogRhythm on Ease of Use, Scalability, & Innovation

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials
    • Need for fraud detection

Use Case

  • Installed LogRhythm and began collecting data in 1 to 3 weeks.
  • Has LogRhythm collecting data from 101-500 devices.

Results

  • Differentiated from other security solutions because of:
    • Ease of use
    • Scalability
    • Continuous innovation

Source:

Paula Reiland, Network Administrator, Firstmark Credit Union




Fortune 500 Computer Services Company Uses LogRhythm to Detect Hacking, Fraud and Malware

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Improved visibility into privileged user behavior
    • Faster response to security incidents
    • Better correlation between events generated by different devices and applications
    • Fraud detection

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Identity management and access control systems
  • Installed LogRhythm and began collecting data in less than 1 week.
  • Has LogRhythm collecting data from more than 5,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Fraud
    • External hacking attempts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: faster
    • Compliance violations: significantly faster
    • Operational issues: faster
  • Describes their security posture as much stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • Splunk

Source:

TechValidate Survey of a Fortune 500 Computer Services Company




Case Study: Educational Institution Gains Visibility into Malware & Hacking Attempts

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Protection from external threats and hackers
    • Improved visibility into privileged user behavior
    • Protection from advanced persistent threats
    • Faster response to security incidents
    • Better correlation between events generated by different devices and applications
    • Detection of compromised and/or stolen credentials

Use Case

  • Using LogRhythm to collect and analyze data from the following sources:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Identity management and access control systems
    • Databases
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 501-1,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
    • Compromised hosts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: faster
    • Compliance violations: faster
    • Operational issues: faster
  • Describes their security posture as much stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • IBM/Q1 Labs
    • McAfee/NitroSecurity
    • Splunk
    • Alien Vault

Source:

TechValidate Survey of an Educational Institution




Case Study: Navigant International Selects Network Monitor for Usability and Low TCO

Challenges

  • Solved the following challenges with their LogRhythm Network Monitor deployment.
    • Visibility into network traffic
    • Accurate application identification
    • Real-time layer-7 analysis

Use Case

  • Found that the following Network Monitor capabilities contribute to product usability:
    • Intuitive, web-based user interface
    • Visual charts with drill-down capabilities
    • Unstructured search
    • Out-of-the-box application recognition for over 2100 applications
    • Simplified console for administration
  • Was able to install Network Monitor and begin analyzing network traffic in less than 4 hours.

Results

  • Purchased LogRhythm as a network security vendor over the following competitors:
    • RSA (NetWitness/Security Analytics)
  • Differentiates LogRhythm’s Network Monitor from competitive products by the following:
    • Ease of use
    • Lower total cost of ownership (TCO)
  • Has prevented the following by using Network Monitor:
    • Unauthorized application use
    • Suspicious network traffic
    • Malware behavior
    • Suspicious port activity
  • Saw positive return on investment in terms of improved network visibility in 3-6 months.

Testimonials

“[Our organization] had a need for better network visibility with our internet facing links, LogRhythm gives us an efficient and cost effective means of doing that.”

“Yes, [I would recommend LogRhythm Network Monitor because] I don’t believe you can find a better bang for the buck in this area.”

Source:

Michael Smith, IT Manager, Navigant International, Inc.




Case Study: Tarleton State University Addresses Security Challenges with Network Monitor

Challenges

  • Solved the following challenges with their LogRhythm Network Monitor deployment.
    • Visibility into network traffic
    • Accurate application identification
    • Real-time layer-7 analysis
    • Protection from advanced attacks
    • Expedited network investigations
    • Full packet capture (PCAP) for forensics

Use Case

  • Found that the following Network Monitor capabilities contribute to product usability:
    • Unstructured search
    • Rapid deployment
  • Was able to install Network Monitor and begin analyzing network traffic in less than 3 days.

Results

  • Purchased LogRhythm as a network security vendor over the following competitors:
    • IBM (QRadar)
    • McAfee (NitroSecurity)
  • Differentiates LogRhythm’s Network Monitor from competitive products by the following:
    • Unstructured search
    • Lower total cost of ownership (TCO)
  • Has prevented the following by using Network Monitor:
    • Suspicious network traffic

Source:

Michael Ables, Senior Network Systems Analyst, Tarleton State University




Case Study: Idaho Department Of Labor Uses Network Monitor for Forensic Investigations

Challenges

  • Solved the following challenges with their LogRhythm Network Monitor deployment.
    • Visibility into network traffic
    • Protection from advanced attacks
    • Prevention of sensitive data loss
    • Expedited network investigations
    • Full packet capture (PCAP) for forensics

Use Case

  • Found that the following Network Monitor capabilities contribute to product usability:
    • Visual charts with drill-down capabilities
    • Out-of-the-box application recognition for over 2100 applications
    • Default settings for tuning and configuration
    • Rapid deployment
  • Was able to install Network Monitor and begin analyzing network traffic in less than 4 hours.

Results

  • Purchased LogRhythm as a network security vendor over the following competitors:
    • IBM (QRadar)
    • RSA (NetWitness/Security Analytics)
  • Differentiates LogRhythm’s Network Monitor from competitive products by the following:
    • Ease of use
    • Full session PCAP packet capture
    • SmartCapture™ selective packet capture
    • Integration with LogRhythm’s Security Intelligence Platform
  • Has prevented the following by using Network Monitor:
    • Suspicious network traffic
    • Suspicious port activity
    • Excessive bandwidth consumption

Testimonials

“[Network Monitor is] easy to use [and provides] great forensic evidence to backup investigations.”

Source:

Michael Kalm, Chief Security Officer, Idaho Department of Labor




County Of Sussex Uses LogRhythm to Strengthen Security & Prevent Improper Access to Data

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Commercial applications
    • Databases
    • Virtual and/or cloud-based environments
  • Installed LogRhythm and began collecting data in 1 to 3 weeks.
  • Has LogRhythm collecting data from 501-1,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Stolen or compromised credentials
    • External hacking attempts
    • Improper access/use of confidential data
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: significantly faster
    • Compliance violations: significantly faster
    • Operational issues: significantly faster
  • Describes their security posture as stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • IBM/Q1 Labs
    • McAfee/NitroSecurity
    • RSA enVision

Source:

William Kosinetz, Chief Information Officer, County of Sussex




Case Study: Texas A&M University Health Science Center Strengthens Security Posture

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials
    • Need for fraud detection

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Identity management and access control systems
    • Commercial applications
    • Databases
    • Virtual and/or cloud-based environments
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 101-500 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Stolen or compromised credentials
    • External hacking attempts
    • Compromised hosts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: significantly faster
    • Compliance violations: significantly faster
    • Operational issues: significantly faster
  • Describes their security posture as much stronger since implementing LogRhythm.

Source:

Michael Esparza, Security Officer, Texas A&M University Health Science Center




Case Study: Medium Enterprise Banking Company Detects Malware and Compromised Hosts

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Custom applications
    • Commercial applications
    • Databases
    • Virtual and/or cloud-based environments
  • Installed LogRhythm and began collecting data in < 1 week.
  • Has LogRhythm collecting data from 501-1,000 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Compromised hosts
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: faster
    • Compliance violations: faster
    • Operational issues: faster
  • Describes their security posture as stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • McAfee/NitroSecurity
    • RSA enVision
    • Trigeo/Solarwinds, LogLogic

Source:

TechValidate Survey of a Medium Enterprise Banking Company




Case Study: Associated Electric Cooperative, Inc. Strengthens Security & Compliance Posture

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • NERC CIP Compliance

Use Case

  • Collect and analyze data from the following sources with LogRhythm:
    • Security solutions such as IPS/IDS, firewalls, vulnerability scanners, antivirus software
    • Operating systems / servers
    • Network devices
    • Custom applications
    • Databases
  • Installed LogRhythm and began collecting data in 1-3 Days.
  • Has LogRhythm collecting data from 101-500 devices.

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Compliance with NERC CIP standards
  • Rated their ability to identify real-time incidents using LogRhythm:
    • Security events: significantly faster
    • Compliance violations: significantly faster
    • Operational issues: significantly faster
  • Describes their security posture as much stronger since implementing LogRhythm.
  • Selected LogRhythm over the following products:
    • McAfee/NitroSecurity
    • RSA enVision

Source:

Jonathan Douglas, Systems Administration Supervisor, Associated Electric Cooperative, Inc.




Case Study: Large Enterprise Aerospace & Defense Company in the UK Gains Visibility

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Lack of protection from advanced persistent threats
    • Need for faster response to security incidents
    • Require better correlation between events generated by different devices and applications
    • Detection of compromised and/or stolen credentials

Use Case

  • Has used LogRhythm to do the following:
    • Locate the source(s) of a data breach
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years
    • Used LogRhythm to monitor a centralized network with a large number of satellite or retail locations
    • Used LogRhythm to operate in a classified network with strictly controlled access to specific segments

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Compromised hosts
    • Improper access/use of confidential data
  • Chose LogRhythm for the following features:
    • Powerful forensics
    • Ease-of-use
    • Real-time monitoring capabilities
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Enhanced, enterprise-wide visibility into event data
    • Enterprise-wide, in-depth user monitoring

Source:

TechValidate Survey of a Large Enterprise Aerospace & Defense Company




Case Study: Medium Enterprise Consumer Services Company Prevents APTs with LogRhythm

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Lack of protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Lack of protection from advanced persistent threats
    • Require faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Detection of compromised and/or stolen credentials
    • Fraud detection

Use Case

  • Has used LogRhythm to do the following:
    • Identify and/or prevent an advanced persistent threat
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for longer than 3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Fraud
  • Selected LogRhythm over the following products:
    • Splunk
  • Chose LogRhythm for the following features:
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Improved incident response and threat management capabilities
    • Enterprise-wide, in-depth user monitoring
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Superior
    • Advanced Correlation: Superior
    • Scalability: Superior
    • Compliance Support: Superior
    • Usability: Superior

Source:

TechValidate Survey of a Medium Enterprise Consumer Services Company




Case Study: Large Enterprise Hospitality Company Gains Visibility Into Abnormal Behavior

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Better visibility into server & workstation logs. Meet PCI Requirements for log collection.

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Identify and/or prevent an advanced persistent threat
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • External hacking attempts
    • Improper access/use of confidential data
    • Abnormal events.
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • Splunk
    • NetIQ/Novell Sentinel
    • Solarwinds
  • Chose LogRhythm for the following features:
    • Extensive, automated reporting
    • Ease-of-use
    • Rapid deployment
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Compliance automation and assurance
    • Enterprise-wide, in-depth user monitoring
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Superior
    • Advanced Correlation: Superior
    • Scalability: Superior
    • Compliance Support: Superior
    • Usability: Superior

Testimonials

“Just by monitoring daily events we are able to notice anything abnormal. In addition, automated reporting is a great feature to have. Reports are easy to build from scratch and customize.”

Source:

TechValidate Survey of a Large Enterprise Hospitality Company




Case Study: UK County Council Achieves Compliance and Enterprise-wide User Monitoring

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence to law enforcement for a criminal investigation and/or prosecution
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for longer than 3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Stolen or compromised credentials
    • Compromised hosts
    • Improper access/use of confidential data
  • Selected LogRhythm over the following products:
    • McAfee/NitroSecurity
    • LogLogic
  • Chose LogRhythm for the following features:
    • Extensive, automated reporting
    • Ease-of-use
    • Rapid deployment
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
  • LogRhythm delivered the following:
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Deployment and support simplicity
    • Enterprise-wide, in-depth user monitoring
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Far better
    • Scalability: Far better
    • Compliance Support: Superior
    • Usability: Superior

Source:

TechValidate Survey of a UK County Council




Case Study: Medium Enterprise Hospitality Company Gains Real-Time Threat Protection

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Lack of visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Has used LogRhythm to do the following:
    • Locate the source(s) of a data breach
    • Provide evidence to law enforcement for a criminal investigation and/or prosecution
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Minimize the impact and/or spread of a malware incident
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years
    • Used LogRhythm in a heterogeneous environment (multiple OS, network device and application vendors)

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
    • Compromised hosts
    • Improper access/use of confidential data
  • Chose LogRhythm for the following features:
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Enterprise-wide, in-depth user monitoring
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Far better
    • Scalability: Better
    • Usability: Better

Testimonials

“The product has a near time ability to take a raw incident and send out an alarm which is very good. It allows us to identify and mitigate a real-time attack quickly.”

Source:

TechValidate Survey of a Medium Enterprise Hospitality Company



Research by TechValidate

Financial Services Company in the UK Improves Security Intelligence with LogRhythm

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Lack of protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Weak protection from advanced persistent threats
    • Need for faster response to security incidents
    • Lack of detection of compromised and/or stolen credentials

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Stolen or compromised credentials
    • External hacking attempts
    • Compromised hosts
    • Stolen records
  • Chose LogRhythm for the following features:
    • Extensive, automated reporting
    • Ease-of-use
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Enhanced, enterprise-wide visibility into event data
    • Deployment and support simplicity
    • Enterprise-wide, in-depth user monitoring
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Superior
    • Advanced Correlation: Superior
    • Scalability: Superior
    • Usability: Superior

Testimonials

“LogRhythm provides us with a level of security intelligence and analytics that goes way above traditional SIEM. It not only allows us to monitor compliance, but also allows us to show the true value of security to the board.”

Source:

TechValidate Survey of a Medium Enterprise Financial Services Company



Research by TechValidate

State & Local Government Council Gains Visibility Into Network-wide Security Events

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Requirement for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • External hacking attempts
    • Improper use of privileged level accounts
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • RSA enVision
    • Symantec
  • Chose LogRhythm for the following features:
    • Powerful forensics
    • Ease-of-use
    • Rapid deployment
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Enhanced, enterprise-wide visibility into event data
    • Deployment and support simplicity
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Better
    • Advanced Correlation: Better
    • Scalability: Better
    • Compliance Support: Better
    • Usability: Superior

Testimonials

“Without LogRhythm, I had no visibility into security events occurring on the network.”

Source:

TechValidate Survey of a State & Local Government



Research by TechValidate

Case Study: Small Business Health Care Company

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 0-12 months
    • Used LogRhythm in a heterogeneous environment (multiple OS, network device and application vendors)

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Monitored memory issues on SQL servers
  • Selected LogRhythm over the following products:
    • Splunk
    • OSSIM
  • Chose LogRhythm for the following features:
    • Powerful forensics
    • Extensive, automated reporting
    • Ease-of-use
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
  • LogRhythm delivered the following:
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Enhanced, enterprise-wide visibility into event data
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Far better
    • Advanced Correlation: Far better
    • Scalability: Far better
    • Compliance Support: Far better
    • Usability: Far better

Testimonials

“The LogRhythm dashboard shows highlights of what is really happening.”

Source:

TechValidate Survey of a Small Business Health Care Company



Research by TechValidate

Case Study: Health Care Industry Software Provider

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Has used LogRhythm to do the following:
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Compromised hosts
    • Improper access/use of confidential data
  • Selected LogRhythm over the following products:
    • IBM/Q1 Labs
    • McAfee/NitroSecurity
  • Chose LogRhythm for the following features:
    • Advanced correlation/pattern recognition
    • Powerful forensics
    • Extensive, automated reporting
    • Ease-of-use
    • Rapid deployment
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Deployment and support simplicity
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Superior
    • Advanced Correlation: Superior
    • Scalability: Superior
    • Compliance Support: Superior
    • Usability: Superior

Testimonials

“I no longer have to manually go through the security logs and am now able to set up custom alerts for our own logs with LogRhythm.”

Source:

TechValidate Survey of a Medium Enterprise Health Care Company



Research by TechValidate

Case Study: Medium Enterprise Health Care Company

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Has used LogRhythm to do the following:
    • Minimize the impact and/or spread of a malware incident
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 0-12 months

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Compromised hosts
  • Chose LogRhythm for the following features:
    • Extensive, automated reporting
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Real-time threat detection and advanced correlation
    • Compliance automation and assurance
    • Enhanced, enterprise-wide visibility into event data
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Better
    • Advanced Correlation: Better
    • Scalability: Better
    • Compliance Support: Better
    • Usability: Better

Source:

TechValidate Survey of a Medium Enterprise Health Care Company



Research by TechValidate

Case Study: Financial Services Company Replaces LogLogic with LogRhythm

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Identify and/or prevent an advanced persistent threat
    • Minimize the impact and/or spread of a malware incident
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years
    • Used LogRhythm to monitor a large, globally distributed network
    • Used LogRhythm in a heterogeneous environment (multiple OS, network device and application vendors)

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
    • Compromised hosts
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • Splunk
    • RSA enVision
  • Chose LogRhythm for the following features:
    • Extensive, automated reporting
    • Ease-of-use
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
    • Price
  • Replaced the following SIEMs with LogRhythm:
    • LogLogic
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Enhanced, enterprise-wide visibility into event data
    • Deployment and support simplicity

Testimonials

“LogRhythm was a huge improvement over our LogLogic system. It allowed us to get use out of our log data. Searches are far faster than manual grepping of syslog files, as well.”

Source:

TechValidate Survey of a Small Business Financial Services Company



Research by TechValidate

Case Study: LogRhythm Helps Educational Institution Overcome Limited IT Resources

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Minimize the impact and/or spread of a malware incident
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years
    • Used LogRhythm in a heterogeneous environment (multiple OS, network device and application vendors)

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • External hacking attempts
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • Splunk
  • Chose LogRhythm for the following features:
    • Extensive, automated reporting
    • Real-time monitoring capabilities
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Enhanced, enterprise-wide visibility into event data

Testimonials

“LogRhythm has allowed us much greater visibility into our different log sources – which we would be otherwise unable to monitor with our limited staff.”

Source:

TechValidate Survey of an Educational Institution



Research by TechValidate

Case Study: S&P 500 Consumer Services Company

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
    • Identify and/or prevent an advanced persistent threat
    • Establish a Privileged User Monitoring program
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for longer than 3 years
    • Used LogRhythm to monitor a large, globally distributed network
    • Used LogRhythm in a heterogeneous environment (multiple OS, network device and application vendors)

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Stolen or compromised credentials
    • External hacking attempts
    • Improper access/use of confidential data
  • Chose LogRhythm for the following features:
    • Advanced correlation/pattern recognition
    • Powerful forensics
    • Ease-of-use
    • Rapid deployment
    • Out-of-the-box compliance
    • File integrity monitoring
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Enhanced, enterprise-wide visibility into event data
    • Deployment and support simplicity
    • Enterprise-wide, in-depth user monitoring

Testimonials

“LogRhythm provides in-depth enterprise wide visibility so we can focus on exception based management rather than trying to watch it all ourselves. This allows our staff to focus on other important security matters.

It also enforces several key control aspects of our SOX and PCI audit requirements with alarm response reports to track our follow up to any alarm event and is used for reporting for an audit period as evidence of our tracking. It really simplifies things.”

Source:

TechValidate Survey of a S&P 500 Consumer Services Company



Research by TechValidate

Case Study: Large UK Service Provider Chooses LogRhythm to Replace ArcSight

Challenges

  • Addressed the following problems with their LogRhythm deployment:
    • Need for protection from external threats and hackers
    • Need for improved visibility into privileged user behavior
    • Need for protection from advanced persistent threats
    • Need for faster response to security incidents
    • Need for better correlation between events generated by different devices and applications
    • Need for detection of compromised and/or stolen credentials

Use Case

  • Has used LogRhythm to do the following:
    • Provide evidence of suspicious or unauthorized user activity for an internal investigation
  • Described their LogRhythm deployment in the following ways:
    • Deployed LogRhythm for 1-3 years

Results

  • Has used LogRhythm to detect/prevent the following security threats:
    • Malware or virus
    • Stolen or compromised credentials
    • External hacking attempts
    • Compromised hosts
    • Improper access/use of confidential data
  • Selected LogRhythm over the following products:
    • HP/ArcSight
    • Splunk
    • NetIQ/Novell Sentinel
  • Chose LogRhythm for the following features:
    • Advanced correlation/pattern recognition
    • Powerful forensics
    • Extensive, automated reporting
    • Ease-of-use
    • Rapid deployment
    • Out-of-the-box compliance
    • Real-time monitoring capabilities
  • Replaced the following SIEMs with LogRhythm:
    • HP/ArcSight
  • LogRhythm delivered the following:
    • Scalability and deployment flexibility
    • Real-time threat detection and advanced correlation
    • Improved incident response and threat management capabilities
    • Compliance automation and assurance
    • Deployment and support simplicity
  • Rated LogRhythm’s differentiation compared to other SIEM solutions:
    • Performance: Far better
    • Advanced Correlation: Superior
    • Scalability: Far better
    • Compliance Support: Far better
    • Usability: Superior

Testimonials

“LogRhythm’s intuitive interface provides an easy-to-use set of tools to quickly and efficiently identify the root cause of detected abnormalities. This has allowed us to better understand our security posture and respond more quickly to security events.”

Source:

TechValidate Survey of a Large Enterprise Computer Services Company




