Are you using a SIEM product? If yes, which one and what has been your experience so far w.r.t 1. Implementation 2. Effectiveness 3. TCO

Security & GRC Threat Intelligence & Incident Response

163 views1 Upvote3 Comments

Sort by:

VP of IT Operations in Software5 years ago

We keep cycling through different options. The SaaS models for this get expensive fast, or you sacrifice data because of cost. The on prem or open source options require a lot of dedicated time to configure.

Chief Security Officer in Software5 years ago

Elastic and Splunk. Easy, effective, but expensive.

Principal Information Security Officer in Education5 years ago

Elastic SIEM with DIY customizations.
1. Fairly straightforward OOTB.
2. Very. Does exactly what we ask it to do.
3. TCO is much better than the RSA Security Analytics / Netwitness SIEM it replaced.

Content you might like

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

How many point solutions are you using to protect your cybersecurity landscape?

0-215%

3-566%

6-1013%

10+5%

View Results

Which key pentesting capability do current AI-driven vendor solutions most fail to cover?

If your organization has been hit with a ransomware attack in the past, when was the attack(s) first initiated. Select all that apply.

Over the weekend (Saturday or Sunday)15%

During the night (Monday-Friday between 6pm and 8am)63%

During normal business hours (Monday-Friday between 8am and 6pm)31%

On or around a holiday (e.g., Christmas, Labor Day, etc.)11%

Unsure12%

View Results