Are you using a SIEM product? If yes, which one and what has been your experience so far w.r.t  1. Implementation 2. Effectiveness 3. TCO

Security & GRCThreat Intelligence & Incident Response
163 viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
VP of IT Operations in Software5 years ago

We keep cycling through different options. The SaaS models for this get expensive fast, or you sacrifice data because of cost.  The on prem or open source options require a lot of dedicated time to configure.

Chief Security Officer in Software5 years ago

Elastic and Splunk. Easy, effective, but expensive.

Principal Information Security Officer in Education5 years ago

Elastic SIEM with DIY customizations.
1. Fairly straightforward OOTB.
2. Very.  Does exactly what we ask it to do.
3. TCO is much better than the RSA Security Analytics / Netwitness SIEM it replaced.

Lightbulb on1

Content you might like

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Read More Comments

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Read More Comments

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

Which cybersecurity attack is currently your highest priority (to defend against)?

Ransomware and multifaceted extortion34%

Business email compromise39%

Third-party vendor compromise (supply chain)18%

Cloud security incidents6%

I have no idea1%

View Results

To what extent do you agree or disagree with this statement: I'd prefer to leverage existing on-prem compliance, policies, controls and knowledge for cloud workloads over rebuilding security and compliance in the cloud.

Strongly Agree10%

Agree60%

Neutral14%

Disagree14%

Strongly Disagree

View Results