Taking a look at what makes up a modern SIEM solution

When SIEM tools first emerged in the early 2000s, they were complex and unwieldy beasts, requiring large amounts of customisation and careful management.

At this stage, SIEM was certainly only suited to large organisations with big budgets; smaller organisations did not have the resources to implement it. However, SIEM has evolved, and the tools of today bear little resemblance to those of the past.

Modern SIEM tools are based on a big data analytics platform, which enables them to scour much larger data sets. This is significant for organisations that are experiencing a data deluge and whose infrastructures continue to grow in complexity. Today's SIEM tools can also deal with large volumes of both structured and unstructured data, which is relevant because potential security threats come in many forms and can only be identified through careful analysis of both data types. To achieve this, today's SIEM tools leverage machine-based analytics, which effectively automates the task of examining large volumes of data.

This, in turn, allows patterns and incidents to be identified that traditionally may have gone unnoticed.

This capability is what is making SIEM tools attractive for smaller firms. They give them access to analytical capabilities that until recently were only available to large organisations.

This comes at a time when they recognise the importance of having a robust security infrastructure in place. They understand that just having anti-virus software and firewalls in place is no longer enough.

What to look for when deploying SIEM

Analyst heavyweight Gartner, in its Magic Quadrant report, routinely outlines a handful of vendors that qualify as leaders in the SIEM department.

Gartner describes Leaders as those vendors who provide products that are a strong functional match to general market requirements, have been the most successful in building an installed base and revenue stream within the SIEM market, and have a relatively high viability rating (due to SIEM revenue or SIEM revenue in combination with revenue from other sources).

Among the organisations recognised in the Leaders Quadrant is security intelligence organisation LogRhythm, which was highlighted by Gartner for a number of reasons.

Gartner said the LogRhythm SIEM solution had a host of strengths, including:

  • LogRhythm provides a strong platform for organizations that want a contained platform that includes core SIEM capabilities enhanced by complementary host and network monitoring capabilities, in a solution that can scale from a single appliance up to n-tier architectures.

  • LogRhythm's out-of-the-box content (and updates delivered to the AI Engine component), along with a powerful user interface, provides a strong real-time monitoring experience for users.

  • SmartResponse allows users to integrate preconfigured automated response activities into their alert, investigation and response activities, either fully automated or semiautomated (e.g., manually initiated).

Gartner said its clients, particularly midsize and smaller enterprise organizations, reported that the simplified deployment model and support by LogRhythm via the Core Deployment Service are useful.

The analyst also noted that customers with specific use cases indicate that the analytics Co-Pilot Service is also useful to speed up implementation times.
