Cloudy Future for Security Analytics

When you think of security analytics and operations, one technology tends to come to mind – security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and remains the primary security operations platform today. Vendors in this space today include AlienVault (AT&T), IBM (QRadar), LogRhythm, McAfee, and Splunk....

Read More

How Enterprise Organizations Benefit from SOAPA

I’ve written about SOAPA for almost a year now, here’s a link to the original blog I posted last November. The concept seems to be catching on in the industry. I’ve had lots of industry leaders participate in SOAPA videos with me and there are many more videos in the works. I’m happy to say that SOAPA isn’t just an analyst idea or industry buzzword. In fact, 21% of enterprise organizations say that they are very active in integrating...

Read More

Will Open Source Kill Splunk?

Over at readwrite.com, Matt Asay published a blog post entitled “In A World Of Open Source Big Data, Splunk Should Not Exist.” He then does a pretty good job of debunking his own thesis and explaining why customers continue to pay Splunk big bucks to do what it does. However, since there is so much noise around the question of open-source big data tools as alternatives to Splunk, this question deserves further exploration. What Is...

Read More