SIEM Survey Results
2021 Black Hat USA
Gurucul conducted a survey at the 2021 Black Hat USA Conference on Security Information and Event Management (SIEM) products. We wanted to know how attendees feel about their current SIEM. Over 500 attendees responded to our survey – both in-person visitors to our booth and virtual conference attendees. Here are the survey results.
- It all comes back to data. Data ingestion, enrichment, correlation, filtering, and linking are essential SIEM capabilities. Yet most SIEMs on the market today still require heavy lifting when it comes to getting data into the SIEM.
- SIEMs are labor intensive. To deal with even a single false positive, legacy SIEMs require a fully staffed, 24/7 Security Operations Team to provide human analysis, response, and remediation. Contending with too many false positives is an arduous task and, therefore, they are often disregarded. This is the reason critical alerts get missed and why victim organizations get compromised.
- SIEMs are expensive. The pay-for-data-consumption model – i.e., by Events Per Second (EPS) – is costly and flawed. You need all the data sources possible to detect threats in flight. It’s time to move to an asset-based pricing model. It’s vastly more cost-efficient and offers predictable pricing.
“Gurucul Analytics-driven SIEM goes way beyond delivering all the features expected from a SIEM platform and adds capabilities that no traditional SIEM platform can match. It leverages an open metadata and flexible entity framework to consume business critical, cloud, and on-prem applications data including proprietary and legacy systems.”
– Saryu Nayyar, CEO, Gurucul
Gurucul is a global cyber security company that is changing the way organizations protect their most valuable assets, data and information from insider and external threats, both on-premises and in the cloud. Gurucul’s real-time Unified Security and Risk Analytics Platform provides Analytics-Driven SIEM, UEBA, XDR, Risk-Driven SOAR, Identity Analytics, and Fraud Analytics. It combines machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches. Gurucul technology is used by Global 1000 companies and government agencies to fight cybercrimes, IP theft, insider threat and account compromise with high-efficacy detections, as well as for log aggregation, compliance, and risk-based security orchestration and automation for real-time extended detection and response.