
LogRhythm and Exabeam have announced that they are merging, marking another step toward change in the security market. Together, the security information and event management (SIEM) vendor and the user and entity behavior analytics (UEBA) vendor have a considerable presence in the security operations center (SOC) world. The proposed merger appears to be a step toward a larger platform, something many security tool vendors are currently moving toward.

LogRhythm CEO Chris O’Malley anticipates this in his announcement of the acquisition. He states that CISOs have “eagerly awaited the emergence of a strong, customer-obsessed, singularly-focused global leader in AI-driven security operations—one that offers a best-of-breed alternative to the frustratingly complex options on the market today.” In his view, that day has arrived with the merger of the two SOC players.

By this, O’Malley is referring to the alternative to the best-of-breed principle. With best-of-breed, a highly specialized solution is used, with features tailored to professionals. Best-of-suite is the alternative to best-of-breed and aims for a comprehensive platform that meets more needs.

What can LogRhythm and Exabeam do together?

Looking at how that might play out, the first thing to consider is what exactly the companies to be merged do. LogRhythm has been on the market for over 20 years with its SIEM platform. In the SOC, security professionals use the tool to bring together security data and signals to extract the right insights. This information can come from logging tools and threat intelligence sources. With AI, it can then observe suspicious behavior in network traffic and user behavior. LogRhythm locates cyber threats and then ensures that security professionals can respond quickly. The solution can be purchased in two ways: cloud-native and self-hosted. Through the SIEM platform’s standard integrations, it can pull data from other tools.

Exabeam, on the other hand, has a UEBA solution. It is made to add behavioral analytics on top of a SIEM tool. It can be used to detect threats, protect against cyber attacks and counter an attacker. To do this, UEBA learns normal behavior, so that anything abnormal can be categorized as suspicious behavior. These automatic detections can be passed on to SOC analysts, who can then investigate and respond to possible threats.

Although the companies have a decent presence in the SOC world together, they have not had the best of times. LogRhythm’s transition from on-premises to the cloud was rough. Moreover, just offering SIEM as a security vendor is limited compared to what the competition does. Other players in the market can provide more than just SIEM tooling.

Exabeam can start to change that. The company is newer than LogRhythm and managed to grow rapidly in a short period of time. Recently, however, staff layoffs have been in the news, which does not suggest that Exabeam is currently experiencing its glory days. Moreover, Exabeam tried to grow into an eXtended Detection and Response (XDR) platform, but there is nothing about that on the homepage under the product section now.

So, the parties see plenty of reason to merge and move away from best-of-breed. They expect the merger to be completed in the third quarter. However, approval by the authorities will still be required.
