SIEM is NOT dead, SIEM means never having to say 'sorry'

SIEM is NOT dead, SIEM means never having to say 'sorry'. HP has been leading the market, technology, and industry for as long as SIEM has existed. We have been recognized by Gartner in the leaders quadrant every year. In fact, we have been leaders for more years than anyone else has consistently been in the MQ.

SIEM started the big data security analytics wave back in 2007, when ArcSight introduced the CORR-Engine, a database that lets you store and analyze an unlimited volume of data in real time. Sound familiar? There are many me-too products that think SIEM is dead and that their technology is the next best thing to sliced bread. Let us show you what SIEM does and how customers are using it for more than 50 use cases in the market.

Let's look at the top 10 use cases of SIEM (security information and event management):

#10: Security analytics through visualization of threats and risk score

#9: Detecting and protecting your enterprise against Zero-day attacks

#8: Monitor and prevent insider threats like Edward Snowden

#7: Detect early and prevent active attacks in real time, such as malware, bots, DDoS, viruses, or distributed attacks

#6: Network and infrastructure security analytics

#5: Application security logging, analytics, and transaction monitoring

#4: Continuous monitoring for compliance analytics and cost-effective audit reports

#3: Universal log collection, storage, analysis, and management from web, security devices, apps, or devices

#2: Build a cyber defense center through a 5th-generation security operations center (SOC)

#1: Big data security analytics

For more information on how SIEM continues to drive innovation in the security industry, attend my session at the Discover DF3968. My session starts on Wednesday, Jun 11, 2014 between 11:15 AM and 11:45 AM.

Labels: ArcSight
Comments
Pawan Kumar | 05-30-2014 10:11 PM

Your article is simple yet informative.

May I use your content for my website?

krishna chaitanya K | 07-02-2014 09:45 PM

How will it give the attack vector when it is analyzing only logs? Very basic question: how will I have the entire attack vector in a single window? How will you know the attack behavior?

In a real-time environment, we should be able to find the attack before it's going to affect the environment.

What do you think if someone is stealing information? Is it not a threat? We know we have all the best technologies to prevent and monitor. Still, are you able to bring all that data to a single dashboard and analyze it?

That is where the industry is saying SIEM is DEAD. Security is not static... Implement rules and sleep... It's continuous and situation based.

The SIEM space is slowly moving towards situational awareness. SIEM shouldn't always be reactive and sometimes proactive until you have logs. Logs only solve security 360 degrees?

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.