The Genesis of LogRhythm – Integrated Log Management & SIEM

For my initial blog posting, I thought it worthwhile to share with you our mindset and vision for starting LogRhythm.  I mean, after all, what drives a couple of 30-year-old men to put their combined financial fortunes into a software startup?  Phil had just gotten his Ph.D. in Physics from the University of Colorado.  I had become used to making six-figure salaries with reputable security service/product companies.  We both had lucrative paths open to us that were certainly more secure.  So why go “all in” on LogRhythm?

For me, it was pretty basic.  I saw fundamental failings with the state of intrusion detection, network monitoring, and security event management in 2002.  I knew a better solution was needed, should exist, and we could build it.  For Phil, his reasons were more on the intellectual side.  Through conversations we’d had around campfires in Colorado – after a beer or four – he’d come to understand some of the data analytics challenges I’d become familiar with while at Counterpane.  Through these conversations, Phil saw an opportunity to apply his high-performance computing and data analytics background to the problem of finding high-value information within the noise of log and event data.

In September of 2002, Phil flew to DC and we spent three weeks in my kitchen prototyping an anomaly detection engine based on log data.  The result of this effort was proof we could find high-value events current SIEM could not.  We also determined the reason current technology could not find these events was because the architecture and approach could not support the analytics we envisioned.  Most significantly, SIEM was not collecting ALL the logs; they were only collecting events and discarding everything else.  For the revolutionary analytics we prototyped and foresaw, we needed not just events, but log data across the entire IT stack.  We knew a fundamentally new approach and architecture was needed to advance the state of the art.

With a belief that what we were doing was important, needed, and doable, I sold my house to fund the company.  With $100,000 from my home, personal savings and credit cards, we spent the next three years developing the LogRhythm platform.  In 2005 we released LogRhythm 2.0, the first truly integrated Log and Event Management platform.  That year we managed to land our first customer, attracted a CEO and began to seek outside funding.  It has been off to the races ever since.

With this blog, I and others at LogRhythm look forward to sharing with you our unique vision and approach for this vitally important technology and welcome your contributions to “The Dialog.”

Thank you.

Chris Petersen

