LogRhythm and RedLegg will partner to deliver LogRhythm’s cloud-native SIEM platform, LogRhythm Axon. It will see RedLegg integrate Axon into its managed security services offering. RedLegg believes this will make it easier for its customers to detect and respond in real-time to cybersecurity threats.



Gary Abad, VP of Global Channels at LogRhythm, said, “At LogRhythm, we are committed to empowering our customers with innovative security solutions that streamline their operations and bolster their defenses.

“RedLegg’s expertise in managed security, combined with the capabilities of LogRhythm Axon, will provide organizations with a powerful joint solution to simplify their security operations and improve their overall security posture.”

Why is RedLegg adding LogRhythm Axon?

Like many security organisations offering managed security services, RedLegg sees customers in increasingly complex IT environments. Some are on-premises, some are in the public cloud, and others are across multi-cloud environments. That complexity is increasing as customers continue to move assets into the cloud.

By adding LogRhythm Axon, RedLegg is betting that Axon’s cloud-native architecture will improve its threat detection, investigation, and response. It is especially interested in the cloud-to-cloud capabilities, which will help customers with multi-cloud environments.

It is not just the cloud-native capabilities that are important here. Axon comes with out-of-the-box content mapped to the MITRE ATT&CK framework. It also automates the collection of log data, which is critical for any SIEM to operate. As that data comes from multiple locations, RedLegg will be looking for simpler integration of the data into the SIEM through Axon’s unified console.

RedLegg will also look to the analytics tools inside Axon to help deal with incident response. These should make it easier to detect, monitor, and respond to any attack.

Enterprise Times: What does this mean?

Managed security service providers (MSSPs) face challenging times. They often have to build their own integrations to manage the tools customers already have and the large number of solutions in the market.

RedLegg already has its own SIEM and integrations with other solutions. By taking on LogRhythm Axon, RedLegg is adding a platform that gives it greater visibility and better tooling for multi-cloud environments.

Interestingly, this does not appear to be about replacing its existing solutions but enhancing them, although that raises questions. Given what Axon already has, will RedLegg deprecate some of its existing tools? Will it migrate its customers across to Axon from other vendors’ solutions? How much does this accelerate its ability to deal with complex multi-cloud environments? All of these are questions that RedLegg customers are likely to be asking themselves.

Setting those aside, what this announcement does offer RedLegg and its customers is a solution that can address their asset sprawl not just today but also in the future.

