Protect Your Assets

Ease-of-use and Big data to define the next generation SIEM solution

‎10-24-2013 10:11 AM - edited ‎07-07-2015 10:30 AM

Robert Lemos of darkreading.com writes about the creation of the next generation of SIEM in "Next Generation Of SIEMs? Ease Of Use, Analyze More Data". Most vendors, including HP ArcSight, agree that ease of use is the most requested feature and the primary focus of a SIEM solution. Eric Schou who runs the HP ArcSight products says that “Whether it is large enterprise, public sector, or small business, nobody wants a complex product that is difficult to learn and manage”.

 

HP ArcSight has released HP ArcSight ESM 6.5c, an update to its flagship SIEM solution with a new web 2.0 user interface. The new release adds full-text search functionality like that in ArcSight Logger, which lets users work in one interface and one solution for both log management and SIEM. The new ESM also comes with an optional risk management dashboard where security events are mapped to business services and prioritized based on business impact.

 

Another disruptive change in recent releases of ESM concerns data storage. ArcSight has moved away from the Oracle database to a columnar database built into ArcSight. This has shown an exponential increase in data ingestion, query, and data correlation speeds, and it eliminates the need for costly infrastructure or DBAs to manage or secure big data.

 

The deployment of security-intelligence systems such as SIEM and log management continues to be the top strategy for reducing the costs of a breach, with SIEM alone saving around $2 million per deployment, according to the Ponemon Institute study on cyber attacks.

 

Mark Nicolett from Gartner points out in this article that SIEM deployments are difficult because they involve integrating a complex set of data sources. Mark suggests that although next-generation features are nice to talk about, deployment usability takes priority in new deployments.

 

Eric Schou from HP Security believes the crowd-sourced model will work because it gives each participant more value than they typically put in. "If there isn't that value, and if they don't feel like it improves their security posture, then they won't take part," Schou says.

 

Robert ends his article with a good summary, stating “If next-generation products can deliver that combination of intelligence and usability, only then will companies benefit.”

 

Check out our HP ArcSight solution for new and improved SIEM usability, with high-performance SIEM, built-in content, search, and storage capability for compliance and security use cases.

About the Author

Sri_Karnam

Comments
Jeu Cadeaux A Gagner
on ‎11-17-2013 08:40 PM
What can I say about this post, which truly captivated me ... sublime?