// Trust & Security Report
LogRhythm (part of Exabeam post-2024 merger)
Enterprise SIEM platform with behavioral analytics, threat detection, and compliance automation modules. LogRhythm merged with Exabeam on July 17, 2024, and now operates as a product line within Exabeam with maintained brand presence.
Certifications held
10
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on exabeam.com“Exabeam complies with GDPR with appropriate technical and organizational measures in place. Certified to EU-U.S. Data Privacy Framework, UK Extension, and Swiss-U.S. Data Privacy Framework.”
Verify on exabeam.securitypal.com“Cyber Essentials certification listed in trust center”
> Show 1 unconfirmed / not-held certifications
source: logrhythm.comLogRhythm provides HIPAA compliance automation modules and healthcare security solutions but is not formally HIPAA certified. Offers prebuilt compliance modules to help customers meet HIPAA requirements.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
Multiple regions supported with regional terms and conditions (APJ, Europe, Middle East/Africa, North America). Data Privacy Framework certifications indicate compliance with EU-U.S., UK, and Swiss-U.S. standards.
Privacy policy does not mention training on customer data. Focus is on operational data collection, security incident analysis, and service delivery.
// Security controls
Encryption in Transit
TLS encryption enforced for data transfer from all collectors to cloud
logrhythm.comVulnerability Management
Regular vulnerability scans of product code; annual third-party Attack and Penetration Test with results shared to customers
exabeam.comData Processing Addendum
LogRhythm Data Processing Addendum available for SaaS offerings (dated 05-2024)
logrhythm.com// Products & data scope
data: Ingests security logs and events from enterprise infrastructure
Core SIEM product with behavioral analytics, threat detection, and compliance automation. On-premises and cloud deployment options.
data: Cloud-native SIEM as-a-service
Managed cloud offering with same compliance and security capabilities as on-premises version.
data: Healthcare-specific compliance (HIPAA, HITECH, PI)
Pre-built modules for healthcare organizations. Includes AIE rules, investigations, alarms, and reports.
data: Multi-framework compliance support (SOC 2, PCI DSS, GDPR, ISO 27001, FISMA, CMMC, NERC, etc.)
Pre-built automation modules available at no charge to customers via Knowledge Base updates.
data: User behavior monitoring and threat detection
Baseline activity detection and anomaly identification. Part of core SIEM platform and newer agent behavior analytics capabilities.
// What to watch
- HIPAA support: LogRhythm provides HIPAA compliance modules and automation but is NOT formally HIPAA certified. Marketing may emphasize healthcare compliance without clarifying this distinction.
- Trust center accessed via Exabeam domain (exabeam.securitypal.com) reflecting post-merger structure - all certifications listed are shared across both brands
// At a glance
Pricing model
Enterprise - typically subscription-based for cloud offerings, perpetual license with maintenance for on-premises
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on LogRhythm (part of Exabeam post-2024 merger)'s own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-07. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
exabeam.securitypal.com