Gartner has just released the Hype Cycle for Cybersecurity in China, 2025,  and once again lists LogEase as a Sample Vendor in the SIEM category. This marks the company’s second consecutive appearance, having first been recognized in the Hype Cycle for Security in China, 2024.

The report notes:

“Aggregating and standardizing security data to centralize and visualize an organization’s security situation is a core element of effective security programs. SIEM can support security operations centers (SOCs) in identifying, prioritizing and investigating security incidents. Broad-based visibility is the basis for SOCs to make decisions in daily security operations.”

LogEase has built China’s great petabyte-scale, highly-available log search engine, Beaver. Coupled with its low-code Search Processing Language (SPL), the platform ingests and analyzes multiple petabytes of new log data daily. It is already deployed by nearly 1,000 leading organizations across finance, energy, telecommunications, and other verticals, empowering them to unlock the value of machine data and elevate digital operations.

Powered by the Beaver engine and a unified stream/batch processing framework, LogEase delivers a security portfolio built around SIEM, UEBA, and SOAR—its “three-horse carriage”:

• SIEM correlates multi-source telemetry (logs, flows, assets, vulnerabilities, and threat intelligence) and supports scenario-based threat modeling across six domains—perimeter, internal network, cloud, endpoint, infrastructure, and identity—achieving second-level detection and minute-level root-cause analysis.

• UEBA embeds dozens of machine-learning algorithms to baseline user and entity behavior in real time, accurately surfacing insider threats, lateral movement, and data-exfiltration risks.

• SOAR uses visual playbooks and API-level orchestration to automate the entire alert-to-post-mortem workflow, reducing mean response time from hours to minutes.

LogEase has now infused large-model capabilities throughout the security-operations lifecycle:

• An Alert-Triage Agent leverages the MITRE ATT&CK framework to auto-enrich context, dramatically cutting false positives.

• An Attack Path Agent employs the ReAct framework to reconstruct complete attack chains within minutes.

• A Copilot turns natural-language questions into SPL queries, making security analysis as simple as a conversation.

• AI-Driven Dynamic SOAR Playbooks enable one-click, cross-product remediation, ensuring every response is “expert-level.”

Together with our customers, LogEase continues to reinforce dynamic defense, making security operations simpler, smarter, and more trustworthy—accelerating the journey toward an AISOC.