65% of Security Professionals Say SIEM is Dead

Point log and event management products no longer provide adequate protection against modern advanced persistent threats (APTs), cyber attacks and insider threats

ACTON, Mass. -- Two-thirds [65 percent] of senior security professionals at Global 5000 and federal organizations say traditional Security Information and Event Management (SIEM) products no longer provide enterprises and government agencies with the ability to tackle modern cyber threats and insider attacks. According to a recent survey conducted by eIQnetworks, while point SIEM products provide useful data, they lack visibility across a broader set of security elements needed to detect the increasing number of data breaches and other successful cyber attacks on corporate and government enterprises. As a result, these products fail to provide the timely, accurate and actionable information that would allow security professionals to quickly identify an attack while it is taking place and to repel or mitigate it before significant damage is done.

John Linkous, vice president and chief security and compliance officer at eIQnetworks, explains, “Just as signature-based technologies long ago stopped being the only effective line of defense for enterprise and government networks, the SIEM approach of relying entirely on logs and other event-based information to effectively address modern enterprise threats is now dead, as well. The tremendous number of successful, advanced persistent attacks in the last six months have demonstrated that SIEM products alone simply do not provide the capability for security analysts and system administrators to timely and accurately identify an attack, and take action in real time.”

“Our survey suggests that security professionals are looking for a new approach to securing large distributed networks that gives security analysts visibility of all security and compliance data - not just logs and events - in a unified view via a single, integrated console. It also appears that they are not alone in this opinion – Gartner released a research note in July, ‘Delivering Situational Awareness’ (ID# G00214313), highlighting the need for situational awareness in large distributed networks.”

For more information about how SIEM is Dead, visit: http://www.eiqnetworks.com/resources/SIEM_is_DEAD.php

Notes to editor

About eIQnetworks

eIQnetworks is the developer of SecureVue®, a revolutionary new security platform serving some of the largest enterprises around the world, including government, financial, telecommunications, retail and healthcare. SecureVue delivers an accurate, timely and coherent view of the threat, compliance and risk posture via a single console. It also provides real-time continuous security monitoring, compliance automation, configuration auditing and forensic analysis, all in a single solution - essential functions in the proactive protection of an organization’s infrastructure against cyber attacks, advanced persistent threats (APTs), data breaches and policy violations. SecureVue gives users the ability to identify threats quickly and take action to repel them or minimize damage caused.

eIQnetworks is a privately held company headquartered in Acton, Mass. For more information, visit: http://www.eiqnetworks.com.

All trademarks recognized.

Contacts

BroadPR
Lyndon Johnson, +1-617-868-5031
ljohnson@broadpr.com
