Security incident and event management (SIEM) has been getting a lot of attention lately from major players in the technology market. Among the companies investing in SIEM by offering solutions are IBM, HP, Dell, LogRhythm, McAfee, Splunk, AlienVault, BlackStratus, EventTracker, Fortinet, Micro Focus, SolarWinds, Symantec, Tenable Network Security, TIBCO Software, Trustwave, and ZOHO Corp.
But why the interest?
SIEM isn’t a new technology. However, SIEM is uniquely suited to fighting threats in today’s risk landscape and aligns with a Zero Trust approach to data security. SIEM is also evolving into next-generation cloud-based solutions that are equipped with advanced analytics capabilities.
SIEM as Part of a Zero Trust Architecture (ZTA)
One of the reasons SIEM technology is receiving attention from top technology companies is that it helps businesses follow the Zero Trust principle of “never trust, always verify.” Zero Trust security is a concept introduced by Forrester Research that encourages the questioning of all data and application access attempts. While Zero Trust is an approach to security, not a solution, security tools such as SIEM can make up a Zero Trust Architecture (ZTA).
SIEM technology works as part of ZTA because it helps companies detect, identify, and respond to threats in real time. SIEM can detect both internal and external threats by collecting and logging information about activity on the network that can be analyzed for threat intelligence. The system sends alerts when suspicious activity is detected on the network, preventing breach attempts from succeeding.
SIEM for Cloud and Endpoint Protection
SIEM has new relevance because it has evolved to protect today’s distributed technology architectures. The latest SIEM solutions are cloud-based, allowing your company to log information across your complex hybrid or multicloud environments.
Organizations are also deploying more endpoints because of the remote workforce and the growth of IoT. Today’s SIEM solutions can centralize monitoring for IoT devices and the endpoints used in remote workplaces, logging events that originate at any point in a geographically distributed environment.
What Some Major Players Are Offering
A long list of technology companies is offering SIEM solutions, but it helps to focus on a few top players in the market to see how they are defining next-generation SIEM. These major players have developed cloud-based SIEM solutions with built-in advanced analytics and security orchestration, automation, and response (SOAR) integration.
IBM offers Security QRadar SIEM, and it’s no surprise that IBM’s contribution to next-generation SIEM is built-in advanced analytics. As a leader in cognitive analytics, IBM has transformed SIEM to include user behavior analytics, network insights, and artificial intelligence (AI). These advanced analytics are used to speed up detection. IBM also integrates SIEM with SOAR for enhanced remediation of threats once they are detected. IBM SIEM secures cloud environments and IoT devices.
HPE offers ArcSight Enterprise Security Manager (ESM) for SIEM. ArcSight delivers built-in support for many industry-specific compliance regulations, including HIPAA, PCI, and SOX. Many compliance regulations mandate the use of SIEM. ArcSight SIEM also supports third-party threat intelligence feeds.
Dell Trusted Device supports SIEM protection for endpoints. Trusted Device collects security data and moves it to a Docker container, which processes the information so that it can then be sent to the SIEM. The SIEM can identify trends, send alerts, and transform data into reports on a dashboard.
Reconsidering SIEM
With all the new interest and developments in SIEM, now may be the time to take another look at SIEM for your business. The right partner can connect you with next-generation SIEM solutions that help you start to put together a Zero Trust security strategy.
ProActive Solutions partners with leaders in the modern SIEM space, including IBM and HPE. We can work with your company to develop a security strategy that includes SIEM technology for a Zero Trust approach to fighting internal and external threats throughout your environment.