The Case for XDR

LogRhythm XDR Stack Product UI

At LogRhythm, we recently revamped how we sell and license our platform’s portfolio of products. We did so to achieve a number of objectives. Our primary objectives were to make it easier for customers to transact with LogRhythm, to ensure customers get the best possible value from their investment, and to secure a seamless scalable deployment when additional use cases require expansion.

As part of this effort, we re-named our offerings to the LogRhythm XDR Stack.

Why XDR?

So what is “XDR”?

The modern security information and event management (SIEM) — or what is often referred to as a “next-gen SIEM” — has evolved into a much more sophisticated technology platform typically comprised of multiple distinct, but related products. The primary capabilities of this platform include:

  • Collect and centralize all log and machine data (modern SIEMs have a further expanse of collection and centralization — not just security event data)
  • Utilize sophisticated machine-based analytics that use scenario modeling, behavioral modeling, and machine learning (modern SIEMs go far beyond event correlation and themselves are a highly sophisticated intrusion detection system)
  • Orchestrate possible security events using extensive workflow and threat remediation automation (modern SIEMs don’t just manage events — they manage end-to-end team workflow and provide their own intrusion prevention/remediation capabilities)

As we sought out new names for the integrated set of products that compromise the full LogRhythm NextGen SIEM Platform, we thought about the fundamental purpose these products serve. As a whole, the mission and purpose behind our platform and products is to enable organizations to detect and respond to all cyberthreats across an enterprise’s entire IT and OT infrastructure, where this mission and purpose is powered through centralized visibility and analysis into all log and machine data.

For our overarching platform name, we chose to align around the emerging XDR term. We like XDR because it embodies the fundamental detect and response mission, where X represents any data and any threat. We see XDR as a term that looks ahead to a future where enterprises will need to continuously adapt to new sources of data that require protection and monitoring — where there will continue to be new types of threats against this data and the supporting IT/OT infrastructure.

The LogRhythm XDR Stack

The LogRhythm XDR Stack is a collection of individual products, that as a whole, enable an enterprise-wide threat detection and response capability:

AnalytiX provides flexible collection and centralization of any log and machine data, delivering and enabling analytics driven insights into IT, OT, and business operations.

DetectX delivers centralized analysis of all collected data, contextually enriched with threat and risk intelligence, for monitoring and detection of any type of security threat via out-of-the-box content and custom analytics.

RespondX supplies teams with the necessary workflow orchestration and automation required to quickly investigate, mitigate, and respond to any threat and any incident across the broad IT / OT landscape.

You’ll also see the XDR term in our two advanced threat detection and response products: UserXDR and NetworkXDR. These two products build on the capabilities of the underlying XDR Stack and bring unique visibility, analytics, and content in support of detecting more advanced user and network-centric threats.

With our new product names, we are leaning into a term we feel better represents the mission of the modern NextGen SIEM platform: helping customers defend themselves from any and all types of cyberthreats via an enterprise-wide capability for rapid detection and response.