A new report from Osterman Research and Cyphort, “The Complexities of SIEMs and Their Impact on IR Processes,” shows that IT security teams are not satisfied with the threat investigation and analysis capabilities available through their SIEMs. Mike Patterson, CEO at Plixer, commented below.
Mike Patterson, CEO at Plixer:
“Once thought to be the coup de grâce of all other threat detection systems, SIEMs are now being recognized as nothing more than a central repository where you can spend lots of time looking for problems. Their jack-of-all-trades approach to ingesting logs, events and other forms of metadata has resulted in a system requiring heavy customization to look for problems. Advanced security analytics requires specialization. A system designed for ingesting and reporting on syslogs isn’t architected for analyzing flows. By staying focused on one area of threat detection and remediation, vendors can deliver highly effective systems that allow customers to gain the insight needed within seconds.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.