Cyber Magazine August 2024 | Page 111

TECHNOLOGY
SIEM SOLUTIONS LEADERS
Gartner’s 2024 Magic Quadrant report for SIEM named Splunk, Microsoft, IBM, Securonix and Exabeam as leaders in the area, with Logpoint named a niche player and Google a visionary.
Additionally, SIEM solutions employ anomaly detection techniques using machine learning algorithms and statistical models to establish baselines of normal activity and flag significant deviations as potential threats, helping to identify previously unknown or emerging threats.
And here is the first hurdle. “Given the vast amount of new threats which appear every day, today’s SIEMs are not effective against the emerging and sophisticated threats out there which don’t follow pre-existing patterns,” says Amit.
Adversarial behaviour is changing, making it more difficult to detect. One such tactic gaining popularity is the use of Living Off the Land Binaries and Scripting (LOLBAS) techniques. This involves leveraging legitimate applications and tools already present on the target system for malicious purposes, rather than introducing new malware.
By abusing trusted software in unexpected ways, attackers can blend in with normal system activity, making it more difficult for traditional security solutions to distinguish malicious behaviour from benign activity.
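To make the baselining idea concrete from the defender's side, here is an added Python example (not from the magazine or any vendor it names) that learns which parent processes normally launch each binary and flags launches that deviate from that baseline, which is where a trusted binary used in an unexpected way stands out. The process pairs, counts and the 0.9 threshold are constructed assumptions.

```python
from collections import Counter, defaultdict

# Constructed (parent, child) process-creation pairs standing in for SIEM
# telemetry. Assumption: none of these records come from the article.
BASELINE = (
    [("explorer.exe", "winword.exe")] * 40
    + [("explorer.exe", "powershell.exe")] * 12
    + [("cmd.exe", "powershell.exe")] * 3
    + [("mmc.exe", "certutil.exe")] * 6
    + [("services.exe", "svchost.exe")] * 60
)
NEW_EVENTS = [
    ("explorer.exe", "winword.exe"),
    ("cmd.exe", "powershell.exe"),
    ("winword.exe", "certutil.exe"),    # trusted binary, parent never seen
    ("winword.exe", "powershell.exe"),  # trusted binary, parent never seen
]
THRESHOLD = 0.9  # hypothetical cut-off; tune against real alert volume


def build_baseline(events):
    """Count, per child binary, how often each parent launched it."""
    parents_of = defaultdict(Counter)
    for parent, child in events:
        parents_of[child][parent] += 1
    return parents_of


def rarity(baseline, parent, child):
    """Share of the child's baseline launches NOT made by this parent (0..1)."""
    seen = baseline.get(child)
    if not seen:  # binary absent from the baseline: treat as fully novel
        return 1.0
    return 1.0 - seen[parent] / sum(seen.values())


def flag_deviations(baseline, events, threshold=THRESHOLD):
    """Return (parent, child, score) for events at or above the threshold."""
    scored = ((p, c, rarity(baseline, p, c)) for p, c in events)
    return [(p, c, round(s, 2)) for p, c, s in scored if s >= threshold]


if __name__ == "__main__":
    for parent, child, score in flag_deviations(build_baseline(BASELINE), NEW_EVENTS):
        print(f"ALERT {parent} -> {child} rarity={score}")
```

A rule keyed only on the binary name would treat all four new events alike, because every binary involved is legitimate; only the comparison against the learned parent-child baseline separates the last two.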