sb-as logo
Story image

LogRhythm buys out MistNet to bolster analytics capabilities

15 Jan 2021

LogRhythm is on a mission to bolster its analytics capabilities within its security portfolio, as the company prepares to take over cloud-based analytics platform MistNet.

Terms of the acquisition were not disclosed, but LogRhythm says its aim is to bring stronger levels of machine learning-based detection and response. 

Key focus areas include endpoint detection and response (EDR) analytics, network detection, user and entity behaviour analytics (URBA) and MITRE ATT&CK detections.

The company points to Global Market Insights research which suggests that the network traffic analytics and network detection and response markets are worth approximately $1.5 billion, and could grow up to 17% annually.

LogRhythm says this is because organisations want to improve their detection and response capabilities - and they want vendors to provide holistic services.

Through MistNet’s TensorMist-AI technology, LogRhythm will have access to AI capabilities that can construct a ‘geo-distributed meshed data pipeline that combines scale-out data management with distributed processing analytics’ - resulting in more visibility.

Furthermore, MistNet’s technology can collect data and create behavioural models on-location, so data is not shifted around.

Together, LogRhythm and MistNet technology will bring together SaaS, cloud collection, and distributed analytics.

 MistNet’s network detection and response (NDR) capabilities, along with LogRhythm Labs’ library of out-of-the-box threat detection, compliance and operating technology solutions, aims to help customers ‘realise value quickly’ and with ‘minimal effort and required knowledge’. 

Customers can deploy MistNet as a standalone solution or in combination with the LogRhythm NextGen SIEM Platform.

Speaking about the MistNet acquisition, LogRhythm president and CEO Mark Logan says, “Their solution will facilitate our goal of addressing current and emerging endpoint security needs for our global customers and partners.”

“MistNet complements our existing SIEM platform by enhancing deep network visibility, behaviour analytics and threat detection capabilities and will accelerate LogRhythm’s reach into the XDR market.”

LogRhythm’s NextGen SIEM Platform delivers security analytics; user and entity behaviour analytics (UEBA); NDR; and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralisation of threats. 

“We are excited to join a company as committed to innovation and customer success as LogRhythm,” says MistNet president and CEO Geoffrey Mattson.

“The acquisition creates significant product synergy at the convergence of XDR and SIEM that will positively impact the industry, including the potential for accelerating detection based on open frameworks such as MITRE ATT&CK and driving additional use cases for supply chains, public cloud and IoT/OT security.”

Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
Claroty discovers vulnerabilities in Ovarro TBox RTUs
The vulnerabilities could enable attackers to break into the systems and run code, crash systems, and meddle with configuration files, amongst other malicious actions.More
Story image
Hackers offering forged “official” COVID vaccination certificates and negative test results on dark net 
There has been a 350% increase in the number of advertisements selling alleged COVID vaccines within the last three months.More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
Link image
Webinar: Securing privileged access to stop attackers in their tracks
Thycotic's immersive webinar will demonstrate how attackers acquire passwords on endpoints and access critical cloud applications — without being detected.More