- Some IT decision-makers chafe at the idea that SIEM can help them deflect modern cyber-threats; SIEM does have a reputation for being difficult to work with and for generating false positives.
- Current research suggests SIEM is becoming part of a wider cybersecurity platform unified by security orchestration, automation, and response (SOAR). SOAR decentralizes and re-centralizes cybersecurity tools like SIEM, firewalls, and identity management by unifying each tool's findings under one pane of glass.
- Visibility is the most essential cybersecurity principle. Without visibility, you’re literally operating in the dark. You can’t protect what you can’t see.
- SIEM can assist with increasing network visibility via its log management. However, using SIEM as a visibility tool raises new questions. Which areas should your SIEM prioritize? How can it handle a scaled environment? Can you maintain visibility over your network when it isn't under your direct vision to begin with?
- A next-generation SIEM solution should enable your IT security team to revise and monitor configuration rules on the fly, easing the visibility issue.
– Ben Canner | April 27, 2021