Security Information and Event Management (SIEM) solutions have been the foundation of enterprises’ security operations and threat detection & response. Even though USM Anywhere has many key SIEM features, it is much more than a SIEM.
Why? To perform threat detection, SIEMs and purpose-built threat consoles collect data from security devices. These range from network firewalls, endpoint devices, and vulnerability managers to data pulled directly from the cloud. However, all too often, they collect disparate data sources without an organizing principle. Instead, SIEMs build bigger (and exponentially growing) data lakes of unnormalized log data without a quick and easy way to truly understand the data.
Of course, this may work for the world’s largest security operations teams, which have the resources to find the proverbial needles in the haystack — or to deploy complex analytics engines to help find those needles. …
Posted by: Rakesh Shah
The post Don’t call it a SIEM – How USM Anywhere does threat detection and response differently appeared first on Cybersecurity Insiders.
August 10, 2020 at 09:09PM





