TECHNOLOGY
In an increasingly volatile cyber landscape , where the growth of new and increased threats are posing ever greater risks , the role of Security Information and Event Management ( SIEM ) solutions are being placed under the microscope .
Examining its current capabilities , many organisations are of the opinion that a major shift is underway in the area , and a significant transformation is needed to keep it adequate for today ’ s use .
SIEM , a security solution that collects , analyses , and correlates log data and security events from various sources within an organisation ’ s IT infrastructure , provides a centralised platform for monitoring , detecting , and responding to potential security threats and incidents . SIEM solutions typically ingest data from sources such as firewalls , intrusion detection / prevention systems ( IDS / IPS ), antivirus software , servers , and other security devices , and then apply predefined rules , correlation algorithms , and machine learning techniques to identify patterns and anomalies that may indicate security breaches or malicious activities .
Traditional SIEM approaches , however , are proving inadequate in addressing the complexities of modern cyber threats .
“ In our view , SIEM solutions no longer deliver against organisations ’ operational security needs in today ’ s rapidly evolving cyber landscape ,” said Amit Tailor , Director of Systems Engineering at Palo Alto Networks .
106 August 2024