Together, LogLogic and Exaprotect will leapfrog the competition

By Jean-Francois Dechant, President & CEO, Exaprotect

It is with great pleasure that I would like to announce that LogLogic has signed a definitive agreement to acquire Exaprotect. This is a great opportunity for Exaprotect, our partners and customers alike. The transaction will give us the opportunity to help LogLogic become the number one player in the Enterprise Security Management market.

In case you aren’t familiar with us, let me take a moment to introduce Exaprotect. Before founding Exaprotect, I owned a managed security services company. I was constantly searching for an effective security event management technology I could offer my customers. After years of coming up short, I finally decided to build my own solution. Thus, Exaprotect was born in 2004.

Exaprotect has two products that will serve as strong complements to LogLogic’s suite of log-powered applications. First is EventManager, which is currently available as LogLogic Security Event Manager. You might wonder why it’s worth looking into yet one more SEM solution. Here’s why: Exaprotect’s EventManager is a plug-and-play appliance that includes a patented event taxonomy for correlating and classifying events according to a prioritized hierarchy. The taxonomy includes every possible action that could occur across your network and our asset model is pre-configured so you can easily identify and prioritize security events. It also has a natural language overlay that greatly simplifies rule definition and cuts down on white noise by a factor of 100x. While most SEM providers require an external database and dedicated DBA to manage the overwhelming amount of non-threatening events they trap daily, EventManager can stand on its own because we sort through false positives right away.
You can also aggregate a string of related incidents into one discrete attack so you can easily identify and remediate “Attack on HR database,” rather than having to sort through a series of IP addresses to see how various events fit together. We also enable asset tagging for compliance. If you need to be PCI compliant, our database will know which assets to monitor for you.

Introducing LogLogic Change Manager

The other product you’ll be seeing soon from LogLogic is a one-of-a-kind product called ChangeManager. It will be available as LogLogic Change Manager once this acquisition is complete. It automates the manual process of keeping all network configurations, including firewalls, routers, switches, VPNs and IPS’s current with your latest security policies. This saves a lot of headcount and a lot of headache.

Most often, IT security and network administrators are tasked with configuring network devices multiple times per day. Depending on what equipment they’re using, new rules must be written and managed separately for each vendor product. That means, if you have equipment from Cisco, Juniper, CheckPoint, Fortinet, and others mashed into your IT infrastructure, each must be configured separately. As you can imagine, this leaves plenty of room for error. Our vendor-agnostic centralized configuration manager enables folks to manage all of their network configurations in one place so you don’t have to make separate adjustments by vendor.

ChangeManager enables IT admins to act fast when a breach occurs. For example, to change configurations, you only have to write one policy, such as “isolate transaction server if there is a virus attack,” and our system will translate that into device-specific rules. You can have 20 devices between points A and B that need to be reconfigured and ChangeManager will know what to change and how to change it automatically. We include a workflow so you can set up policies ahead of time and ask management to sign off.
Then, when EventManager detects a legitimate attack on your transaction server, the alert will be sent and ChangeManager will fix it right away. This helps us close the security management loop, as we not only passively monitor, but actively adapt your network to manage and protect against incoming threats.

As you can tell, I take pride in the technologies Exaprotect has developed over the past five years. We were founded out of a real need to go beyond the broken promises security event management companies keep making about solving customer problems. At the end of the day, if you’ve got 100x white noise and only one legitimate threat, you can’t effectively monitor or manage your network. When you think about the rising threat of privileged users who can often slip by archaic SEM solutions, why invest so much when you get back so little?

I look forward to promoting our technologies through the premium “LogLogic Execution” capabilities already demonstrated by their leadership position in the log management space. We will then provide our joint customers and prospects with outstanding security management technologies through a unique portfolio of products and become the leader in this space!