I just read the Forbes article on the most recent data breach at Home Depot. It seems that after three weeks of investigation, Home Depot confirmed that 56 million payment cards were impacted in a breach that lasted for over five months - making that the largest retail breach to date, even larger than Target’s 40 million card breach. Rumors have been circling that Home Depot’s security has had problems for years. The New York Times quotes former employees saying that Home Depot was “slow to respond to early threats and only belatedly took action.”
Truth of the matter is companies like Home Depot, Target, eBay, C&K Systems/Goodwill, Destiny, gaming site Call of Duty, travel site Viator, Aventura Hospital, and the dozens and dozens of other companies in the press over the last few months for security problems are not asleep at the wheel nor are they reluctant to respond. The problem is that data security and network integrity are very difficult and rapidly evolving problems. Andy Grolnick, the CEO of LogRhythm in Boulder, recently described the situation as "the perfect storm" where the once well-delineated corporate network perimeter is now gone and everything is connected. Compounding the problem is the exponential growth in the amount and importance of digital assets, leading to unprecedented bad-actor sophistication and an increasingly complex threat landscape at exactly the time when compliance is front and center. A very tenuous situation to be sure and a difficult one to respond to.
That perfect storm is where LogRhythm is focused, and although it is a young company and still private (although that won't be true forever), it has become a world-class alternative to much larger players like IBM and HP in this space. Andy describes a world where defenses like firewalls, intrusion prevention systems (IPS), VLANs, and other preventative technologies that were considered sufficient even a few years ago are now completely inadequate. Today companies are dealing with internal compromise, zero-day attacks, targeted malware, spear phishing, socially engineered attacks and advanced persistent threats (or APTs). There is no question that most if not all networks have been compromised to some extent and now the task turns to identifying and arresting those breaches through sophisticated monitoring.
LogRhythm provides a next-generation security analytics platform based on real-time processing, machine analytics and forensic analysis looking at the network, hosts, file systems, logs, etc. The end result is actionable intelligence and incident response for APT detection, malware, compromised hardware, fraud detection, insider threats, compliance violations, compromised user accounts, anomalous database activity and a whole host of other nefarious behavior. They present the customer with user-friendly actionable intelligence in the form of real-time dashboards, risk-prioritized alerts and reporting and also provide automated workflow and incident response and case management.
Their solution is rapidly becoming the gold standard for dozens and dozens of commercial enterprises, healthcare companies, retailers, financial institutions, and government and military customers. Their customer list is impressive, the company is growing exponentially and has almost 400 employees in Boulder and growing offices in the UK, Germany, Paris and Singapore. Their solutions have received Gartner's 2014 SIEM Magic Quadrant award, Frost & Sullivan's 2013 Global SIEM/LM Market Penetration Leadership award, SC Magazine Best Buy award, DCIG 2014-15 Buyer's Guide Best in Class SIEM Appliance award, and CDM Forensics Solution 2014 Best Product award.
They also have impressive management. Andy Grolnick, the President & CEO since 2005, has 25 years of experience growing high tech businesses, with executive leadership roles in marketing, product development, sales and general management at Iomega, OpenLogic (where he was a member of the founding management team), Quantum, Rivio and HP. Chris Petersen, a cofounder and company CTO, is an industry thought leader and respected authority on cyber security. He has over 20 years of experience in cyber security and information assurance including the development of the Price Waterhouse Enterprise Security Architecture System, leading an engineering group at Ernst & Young that produced one of the industry’s first managed security services and the leading information assurance portal, eSecurityOnline. He was instrumental in bringing to market Counterpane's Managed Security Service and led Product Marketing for the Dragon Intrusion Detection system at Enterasys, helping drive it to a market-leading position. He also served as a faculty member for the Institute for Applied Network Security. He is also a Colorado State University alum!
LogRhythm is well positioned in a field that is in the press daily and increasingly the focus of boardroom discussions around the world. They are growing rapidly into a world leader in SIEM 2.0 and we are lucky to have such a successful and visionary company in the Front Range.