Following their acquisition of Resurface, we had the chance to speak with the CEO of Graylog, a SIEM provider best known for it user friendliness. Their entry into the API security market was one topic, but we’ve also asked Andy about the role that AI plays in todays cybersecurity environment and whether the ongoing consolidation in the market is short-termed or something we will see more of.
Cyber Protection Magazine: Thank you for joining us today. To start off, can you provide a brief introduction about your organization and its focus?
Andy Grolnick: Of course. Graylog is a platform designed to collect and analyze log event data for two primary purposes. First, it aids in detecting and responding to threats. Second, it assists in identifying issues within IT operations, such as performance or availability concerns. Our company initially concentrated on IT operations, gradually incorporating security capabilities over the years to compete with other industry players like Splunk, Elastic, and Sumo Logic. We prioritize enhancing the user experience for analysts, ensuring intuitive workflows and smooth interactions. This dedication to user satisfaction is reflected in our positive feedback on platforms like Gartner Peer Insights. Additionally, cost and total ownership are key factors. While licensing costs are essential, we consider people and infrastructure expenses as well. Graylog’s architecture optimizes parsing, resulting in quick query responses compared to solutions that parse data during querying.
Cyber Protection Magazine: Shifting gears a bit, let’s delve into Graylog’s recent acquisition of Resurface, which focuses on API security. What drove your decision to venture into API security, and how does this fit into Graylog’s overall mission?
Andy Grolnick: API security is a natural progression for us, given our focus on threat detection and response. The increasing prevalence of attacks targeting APIs, coupled with inadequate security measures, prompted our interest in this area. Resurface offers unique capabilities in handling complex and voluminous API data, making it an ideal fit. Our vision involves incorporating Resurface’s alerts into our broader SOC workflow, enriching threat detection and response capabilities. This aligns with our commitment to providing complete visibility in an often-overlooked attack surface.
Cyber Protection Magazine: API security’s significance is evident, particularly with the rise in attacks. Do you think this applies to all businesses, including smaller ones that might not extensively utilize APIs?
Andy Grolnick: API security is indeed important, but its relevance varies based on business type. Medium to large companies, especially those utilizing APIs extensively, benefit most from solutions like Resurface. Smaller businesses may also find relevance, particularly software companies using APIs for their offerings.
Cyber Protection Magazine: Thank you for clarifying that. Moving forward, your press release mentioned the ongoing consolidation of the cybersecurity market. How do you foresee this trend unfolding, especially in the context of your competitors and the broader cybersecurity landscape?
Andy Grolnick: The cybersecurity market is experiencing rapid growth, resulting in a plethora of startups offering specialized solutions. However, customers are now seeking vendors capable of offering multiple related solutions to streamline their security operations. Consolidation is likely to continue as companies like ours expand their offerings to provide comprehensive cybersecurity solutions. The market is expected to see further consolidation as some startups may struggle to scale and find their footing in an increasingly competitive landscape.
Cyber Protection Magazine: That’s a valuable insight into the market’s trajectory. Lastly, considering the ongoing AI and machine learning trend, how does Graylog incorporate these technologies into its products? What role does AI play in enhancing your offerings?
Andy Grolnick: AI and machine learning have found their way into the cybersecurity space, and Graylog is no exception. Our SIEM platform, along with others, incorporates AI-driven anomaly detection and user behavior analytics. The key lies in clean, well-organized data for effective AI application. In the context of Resurface, its comprehensive dataset and real-time capabilities offer a unique advantage for AI-based threat detection. Additionally, Resurface’s guided threat detection and response approach assists users, especially those lacking cybersecurity expertise, in understanding and mitigating threats effectively.
*disclaimer: the transcript of the interview is longer, and we have asked ChatGPT to shorten it – the article you’ve just read is the result, and in our view it really does cover what we’ve talked about with Andy.