Ease-of-use and Big data to define the next generation SIEM solution

dark reading.PNGRobert Lemos from the darkreading.com writes about Next Generation Of SIEMs? Ease Of Use, Analyze More Data. The discussion focuses on creation of next generation SIEM. Most vendors including HP ArcSight agrees that ease-of-use is the most requested feature or primary focus of SIEM solution. Eric Schou who runs the HP ArcSight products says that “Whether it is large enterprise, public sector, or small business, nobody wants a complex product that is difficult to learn and manage”.

 

HP ArcSight has released HP ArcSight ESM 6.5c, an update to the flagship SIEM solution with the new web 2.0 user interface. The new solution comes with a brand new full-text search functionality like in ArcSight Logger. This enables users to use one interface and solution for log management and SIEM. The new ESM also comes with an optional risk management dashboard where security events are mapped to business services and are prioritized based on business impact.

 

Another disruptive change in the recent releases of ESM has been around data storage. ArcSight has moved away from Oracle database to columnar database built into ArcSight. This has shown exponential increase in data injection, query, and data correlation speeds. This eliminates the need for costly infrastructure or DBAs to manage or secure big data.

 

The deployment of security-intelligence systems such as SIEM and log management continues to be the top strategy for reducing the costs of a breach, with SIEM alone saving around $2 million  per deployment as per the Ponemon Institute study on cyber attack.

 

Mark Nicolette from Gartner points out in this article that SIEM deployments are difficult as it is integrating complex set of data sources. Mark suggests that although next features are nice to talk about, deployment usability takes the priority with new deployments.

 

Eric Schou from HP Security, believes the crowd-sourced model will work because it gives each participant more value than they typically put in. "If there isn't that value, and if they don't feel like it improves their security posture, then they won't take part," Schou says.

 

Robert ends his article with a good summary stating “If next-generation products can deliver that combination of intelligence and usability, only then will companies benefit.”

 

Check out our HP ArcSight solution on the new and improved usability SIEM solution. Where we have high performance SIEM, built-in content, search, and storage capability for compliance and security use cases.

Comments
Jeu Cadeaux A Gagner(anon) | ‎11-17-2013 08:40 PM
Que dire de ce billet qui ma veritablement subjugez ... sublime ?
Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.