SIEM stands for Security Information and Event Management and these solutions have been around since 2000. They were developed with the goal of helping organizations in the early detection of targeted attacks and data breaches. But SIEMs have struggled to keep pace with the security needs of modern enterprises, especially as the volume, variety and velocity of data has grown. As well, SIEMs have struggled to keep pace with the sophistication of modern day threats. Malware 15 years ago was static and predictable. But today’s threats are stealthy, and polymorphic. “Often times when presenting at conferences, people will ask “Is SIEM Dead”? Such a great question! Has the technology reached its end of life? Has SIEM really crashed and burned? I think the answer to that question is NO. SIEM is not dead, it has just evolved. Please read the attached white paper from Sumo Logic to learn how the SIEM market has evolved from threat management to security analytics.
Cloud computing moved the security perimeter. Where once securing your organization meant managing firewalls and access control list changes, you’re now faced with a decentralized and varied collection of authentication and authorization schemes. Identity is the new perimeter. You need to know who’s logging in when, to which apps, and what they’re doing once they’ve gained access. Securing your network and cloud apps starts with gaining visibility into—and controlling—authentication.