If you’ve been a security professional for any length of time, chances are you’ve experienced the frustrations of SIEM tools. A technology that has benefited immensely from the advent of the cloud, security information and event management (SIEM) is rapidly changing for the better. Recently, we partnered with Ultimate IT Security to discuss the current and future state of SIEM technology, and how it’s evolving to address current risks.
We've broken down the webcast into the following small chapters:
SIEM and SIEM Delivery Models
Elements of Log Management
SIEM Activities and Delivery Models
An Introduction to Rapid7 InsightIDR
InsightIDR Product Demo
Q&A with the Ultimate Windows Security Audience
Before you dive into the recording, here’s a quick overview of the three major points that Spencer Engleson, lead Insight technical specialist at Rapid7, and host Randy Franklin Smith discussed in the webcast:
SIEM: How we got to where we are today
SIEM is not a new security technology by any means, yet it remains a source of frustration for security teams both large and small. SIEMs are often not built to handle the complex volumes of data we’re dealing with today, so teams are still missing out on critical insights and not getting accurate alerts. In an attempt to solve this, many SIEMs were built to be quite complex, with the caveat that they require a longer learning curve and a bigger budget. In response to those pain points, many other SIEMs were built to be simplistic; however, they lack many critical features. You can learn mo ..