Comments on: Defining SIEM/Log Management “Integration” http://blog.eiqnetworks.com/2009/07/22/defining-siemlog-management-integration/ Perspectives on Security and Compliance Management from eIQnetworks Thu, 29 Oct 2009 15:57:47 +0000 hourly 1 http://wordpress.com/ By: Security, Compliance, SIEM and Log Management: Making sense of it all « eIQviews http://blog.eiqnetworks.com/2009/07/22/defining-siemlog-management-integration/#comment-166 Security, Compliance, SIEM and Log Management: Making sense of it all « eIQviews Mon, 31 Aug 2009 21:15:14 +0000 http://blog.eiqnetworks.com/?p=225#comment-166 [...] This need for both security and compliance has driven for convergence of previously separate technologies (security information and event management (SIEM) and log management) coming together. And now most vendors have solutions to address both problems. Of course, we can (and do) debate about what integration really means, which we wrote about recently on eIQviews. [...] [...] This need for both security and compliance has driven for convergence of previously separate technologies (security information and event management (SIEM) and log management) coming together. And now most vendors have solutions to address both problems. Of course, we can (and do) debate about what integration really means, which we wrote about recently on eIQviews. [...]

]]> By: Adrian Lane http://blog.eiqnetworks.com/2009/07/22/defining-siemlog-management-integration/#comment-128 Adrian Lane Wed, 22 Jul 2009 17:12:42 +0000 http://blog.eiqnetworks.com/?p=225#comment-128 Nice post. The goal here is to provide a breadth of functionality without the end user having the underlying technology complexities shoved in their face. Agree with almost all of it except point 3. Just because the engine that performs the analysis is not owned by the SIEM provider. In fact, I would like the option of including different analysis -even correlation- engines to see who provides the best results, or use under different circumstances. Kind of the same thing that I get with email/web security and multiple A/V engines. Maybe when the SIEM market reaches that level of maturity we will see that. -Adrian Nice post. The goal here is to provide a breadth of functionality without the end user having the underlying technology complexities shoved in their face.

Agree with almost all of it except point 3. Just because the engine that performs the analysis is not owned by the SIEM provider. In fact, I would like the option of including different analysis -even correlation- engines to see who provides the best results, or use under different circumstances. Kind of the same thing that I get with email/web security and multiple A/V engines. Maybe when the SIEM market reaches that level of maturity we will see that.

-Adrian

]]>