For me, the most valuable feature of LogRhythm Axon is the log parsing technology it has. With my company, I'm the current policy builder, so not having to know an archaic, cryptic format and being able to visually grab a log and assign an element to a particular meta tag quickly and easily, and being able to run tests on that have been super useful. It's going to revolutionize the way the logs are identified and classified. It's super easy to navigate workflows on the user interface. It is intuitive, and Axon uses a lot of industry-standard icons. You can quickly identify where you need to go to find the tool you need to use, whether it's creating new policies, creating widgets on the dashboard, or doing administrative tasks such as creating users or assigning permissions. Regarding Axon's impact on our investigation time, the investigations are extremely fast, intuitive, and easy to use. You just have to click and drag. We can quickly drill down into things versus that with the current solution, which requires a little bit of training and understanding of the query languages. Axon provides a much better way. The fact that your investigations can be saved into a single query string that you can copy and share with your teammates is going to be a game changer. The GUI's intuitive nature and ease of use, along with being able to quickly go in and create accounts for new users in the application, have streamlined our onboarding process. It's much faster and easier than that with the existing tool. My hope is that they're going to actually integrate Axon with Active Directory so that it can be automated within your environment and you can handle that at user onboarding. The visibility provided by Axon is great. The number of widgets that it has currently, the proposed widgets that they hope to add, the number of meta tags, and the way you can manipulate and change the way that you view the data are really useful. You can create multiple dashboards with different views, pivots, and ways to analyze the data. It gives you good visibility into what's going on. It's critical for any organization, including ours, to have centralized visibility across a variety of log sources. By using different dashboards and widget configurations and by changing the way that you analyze and look at the data, you can quickly have different views. You will be able to see things that are not normally visible in current products and have a more holistic view. The Axon log management searchable database has significantly improved the way that we create investigations. The ability to click, choose, create queries, modify those queries, save them, and share them among people has been a significant improvement compared to that with the existing LogRhythm product which is very GUI driven. You have to understand the logic behind it. It's going to be a good change to be able to quickly copy, paste, and send an investigation and have the person run it rather than having to recreate it or be locked into using a shared investigation that you've created. The cloud-based architecture is going to really reduce the number of resources for SOC engineers because they're going to be able to focus more on data analysis and data concepts rather than on supporting software problems or hardware issues.
