
SIEM Stalwart LogRhythm to Merge With Exabeam

Cisco's Earlier Acquisition of Splunk Makes Waves in the SIEM Market

There's more consolidation in the SIEM market following today's announcement by LogRhythm and Exabeam that they've reached an agreement to merge.


Details about the announced merger between the two privately held companies are scarce, including terms of the deal and who will lead the combined company. The companies estimate the merger will close during the third quarter of this year.

"Vigilant CISOs have eagerly awaited the emergence of a strong, customer-obsessed, singularly focused global leader in AI-driven security operations - one that offers a best of breed alternative to the frustratingly complex options on the market today. That day has arrived," asserted LogRhythm CEO Chris O'Malley.

Colorado-based LogRhythm is one of the original SIEM players. Unlike fellow stalwart Splunk, it's not being folded into a larger company. Instead, it is banking its future on synergies with California's Exabeam. IDC data from 2022 puts LogRhythm as sixth largest in the SIEM market and Exabeam as the eighth largest. Combined, they would be the fourth-largest SIEM vendor by revenue.

Networking giant Cisco's $28 billion acquisition of Splunk in a deal completed only weeks ago has created a potential opening in the SIEM market for practitioners concerned about Splunk's viability under Cisco tutelage while also pressuring SIEM firms to shore up their offerings, Forrester Principal Analyst Allie Mellen told Information Security Media Group.

"There are synergies from a technology perspective" in joining Exabeam's user analytics with LogRhythm's SIEM capabilities, she said. "Bringing those companies together could be more effective, especially if they take it downmarket."

SIEM doubters have attempted for years now to write an obituary for the log data analysis SOC mainstay. SIEMs are expensive, depend on third-party integrations and require human expertise to configure the alerts, so they can seem like a finicky money suck.

Extended detection and response platforms such as CrowdStrike and SentinelOne have acquired business analytics capabilities, and other platforms have built their own in a move to supplant SIEM with native alerts. But XDR lacks features that SIEM offers, such as user analytics and compliance demonstration, Mellen said.

Plus, "many of these platforms tend to be newer in the market, so they don't have the same level of integration, log collectors, third-party collection the SIEM vendors do."

The merger comes with challenges, she said. The company cultures are different: Exabeam's products tend toward the modular while LogRhythm offers suites. And merging won't address issues such as keeping pace with innovation and cloud migration. In the enterprise market, Microsoft is throwing its weight around with cloud-native Sentinel for Azure customers.

Still, each could be the missing piece the other needs, Mellen said.

About the Author

David Perera


Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.
