The SIEM has been the promised land for so many years but never really delivered on its promises. It’s been used mostly as a compliance tool. All the “power” of its correlation, multi-vendor approach sounded like the perfect thing to be the ultimate SOC tool. However it became just another tool that never was the silver bullet it was once touted as. It was heavy, required lots of resources, was expensive and worst of all; mostly reactive. You had all the tools, all the visibility from any data sources available and yet, it took days to stop a threat. What is to become of it? What is the next “SIEM”? What will enterprise need in order to achieve a faster and better turnaround when the next threat comes.
In this session, we will explore what SIEM were supposed to be, what they are and what they are becoming. We will explore other avenues where newer technologies are upsetting this established market.