natali_mis -

LogRhythm touts unlimited data plan for SIEM systems

SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank

Major suppliers of security information and event management (SIEM) systems typically charge for their software on a consumption basis, whether it is the number of messages per second or the amount of data processed per day.

“That consumption-based model has been the measurement of value,” said Chris Petersen, co-founder and CTO of LogRhythm. “The more you consume, the more value you’re getting from your platform, therefore the more you should pay.”

Petersen said the challenge with pay-by-volume pricing models is that it is often difficult for an enterprise to predict how many messages per second it processes when sizing its SIEM investments, potentially exposing it to bill shocks if the volume of messages increases later.

“The result of that is many CISOs [chief information security officers] feel like they can’t bring on more data,” said Petersen. “But organisations want to protect themselves by detecting and responding to threats more quickly and to gain more visibility across the enterprise.”

To address cost concerns that could hamper innovation and lead to security blind spots when enterprises size up their SIEM investment, LogRhythm has introduced an unlimited data plan for its SIEM platform.

“Instead of charging by consumption of data, we are going to look at how big an organisation is, based on employee count, and offer a fair and reasonable price based on that,” said Petersen, adding that enterprises will have to sign a three-year contract that allows them to ingest as much data as they like.

This gives CIOs and chief financial officers more assurance and predictability in their SIEM investments, as well as the freedom to collect and ingest as much log data they want without busting their budgets, he said.

Petersen said LogRhythm has worked out a migration path for existing customers with perpetual licences that are keen to try out this new pricing model later this year.

“We think this is the industry’s true unlimited data plan,” he said. “Other vendors talk about unlimited data, but there are still tiers – you still get an unexpected bill when you move up to the next tier.”

Read more about cyber security in APAC

To be sure, LogRhythm is not moving all its customers to the new pricing model. In cases where a consumption-based model still makes sense – in very defined scopes of data collection, for instance – Petersen said customers can continue to use existing perpetual licences that are priced based on the number of messages per second.

The new term-pricing structure is expected to benefit enterprises that deploy internet of things (IoT) sensors that expand the attack surface, making it more crucial to collect data on security events at the edge of a network.

“It’s hard to predict what those volumes are, but if more IoT sensors come online, you pay the same price,” said Petersen, pointing out that visibility over those devices will become even more important.

Read more on Hackers and cybercrime prevention

Data Center
Data Management