Fabrice Prugnaud and Hervé Liotaud, LogLogic: “Exaprotect and its resources strengthen LogLogic, not vice versa”
October 2009 by Emmanuelle Lamandé
LogLogic acquired Exaprotect in April 2009, hence rounding out the group’s log management offering with SIEM. At the same time, LogLogic is extending its presence in France and Europe around a team of more than 60 people. On the occasion of the Assises de la Sécurité event, we look back at the highlights of this acquisition with LogLogic’s Vice President, Fabrice Prugnaud, and Sales Director for France/BeNeLux/Switzerland, Hervé Liotaud.
Fabrice Prugnaud and Hervé Liotaud
GS Mag: LogLogic acquired Exaprotect in April 2009. Can you tell us the highlights of this acquisition?
Fabrice Prugnaud and Hervé Liotaud: LogLogic is a major player in log management, but we lacked the alert correlation aspect. For Exaprotect, it was the opposite. So, our two offerings are proving to be complementary. At the time of the buyout, six candidates were on the list: five American companies and one French company. We had more of a desire to strengthen our European presence than to use a few people to deal with Europe, as Americans generally do. So, the objective was to have a true team in France and Europe, including R&D and Support. The first meeting with Exaprotect took place in September 2008, and the acquisition was done in 2009. It only took us a few months to make our decision.
GS Mag: How do you explain the speed of this acquisition?
Fabrice Prugnaud and Hervé Liotaud: Everything was prepared for this acquisition. The two companies had anticipated the crisis and set out a redeployment plan. We have the same philosophy and understanding of the market, which made things easy. In addition, this acquisition didn’t involve any doubling up, breaking up, or layoffs. Our LMI and SIEM solutions complement each other.
GS Mag: Where are you now in integrating the teams and solutions?
Fabrice Prugnaud and Hervé Liotaud: Currently, we have integrated the teams. The LogLogic teams joined the Exaprotect teams in Paris. Hence, France is becoming the group’s European Headquarters. At the technological level, our products complement each other. For now, they sit side by side, but eventually we hope to develop a unified platform. Our approach is modular, since it is made up of a technological base and various modules that can be added.
GS Mag: What kind of welcome is the integration getting at the show?
Fabrice Prugnaud and Hervé Liotaud: The response has been very positive, and many projects are in the works. This year, we sensed growing concern from companies at the show, with a desire to start a project quickly in order to prove that they have begun a process in case of audits. In order to improve security level, everyone must now work together. The CIO must no longer be alone in defending security and obtaining budgets. It involves multiple players who depend on other divisions within the company, such as compliance.
GS Mag: How much time does it take to implement a project?
Fabrice Prugnaud and Hervé Liotaud: That depends on the desired project type. There are three different categories:
• a pure log management project (collection, reporting, forensics, storage) can be deployed in a few days.
• In the case of an SIEM project, the complexity of the installation depends on the correlation. Actually, correlating everything makes no sense. It is therefore necessary to define the needs, the levels of risk, etc. Certain projects can be deployed in a few weeks. In order for the implementation to be fast and operational, it is important to be supported by one of our certified integrator partners. We have a just over one hundred of them worldwide and 35 in Europe. In France, we collaborate with Devoteam, Thalès, Verizon Business, Orange Business Services, Atos, DCI, EADS, and i-tracing.
• Lastly, a Security Change Management project has a variable duration, because these products relate to the security policy and its actual implementation. It involves pushing the security policy on physical tools. The goal is to be able to implement the “A” in the “PDCA” (Plan-Do-Check-Act) model. We can carry out the “Act” thanks to the Solsoft legacy, acquired three years ago by Exaprotect. The remediation aspect is important. It allows us to take action on the company’s active equipment. We are in the third generation of log management.
GS Mag: What will be the next steps in your development strategy?
Fabrice Prugnaud and Hervé Liotaud: At the EMEA level, we’d like to reinforce certain regions: Northern Europe, Middle East, Southern Europe (Italy, Spain). We have a lot of requests in these regions and must therefore increase our presence in these markets.
We will focus more on GSIs (global security integrators). This means offering companies a complete survey (legal aspects, technological aspects, etc.) by pulling together three specific skills. To do this, LogLogic works with a law firm and a management and technology consulting company. From this report, we recommend this or that to them. It is a true pilot with three specialists who standardize the results.
GS Mag: What key message would you like to pass along to the Information System Security Managers about this acquisition?
Fabrice Prugnaud and Hervé Liotaud: What they should keep in mind is that all Exaprotect products are still there, as are the teams. All Support and R&D remain in France. We have no desire to relocate to the US or elsewhere. It is Exaprotect and its resources that strengthen LogLogic, not vice versa.