Looking for Meaning in SIEM

Michael Vizard

It feels like the whole issue of making it easier to correlate log information with system and security events is finally getting some long-overdue attention.

For example, ArcSight this week announced a new version of Log Manager that makes it easier to search information, while Splunk delivered a free tool for searching logs that is becoming increasingly popular.

But while there are a number of well-established players in the security information and event management (SIEM) market, the need to find more efficient ways to track system events is also attracting startup companies to what was once considered one of the more mundane areas of IT.

One relative newcomer is SenSage, which provides a database that can track events in real time underneath its security event information offering.

According to SenSage CEO Joe Gottlieb, the SenSage database runs in memory to make it easier to correlate events in real time so IT administrators can be made aware of events as they happen based on updates to the database and alerts that are then automatically generated. In effect, that means that instead of the IT administrator having to search for the logs, relevant system event information can now find them and then automatically trigger compliance and risk management policies.

There is a much greater appreciation for log management in particular and SIEM in general. IT organizations will need to determine how much of that information they need, and when. For some, the answer to that last question is "yesterday."



Sep 24, 2010 2:09 PM Anonymous says:
> One relative newcomer is SenSage
That is quite delusional. SenSage has been trying (and mostly failing) since about 2002. They got that name in 2004 but were in business before that.
Apr 18, 2011 10:04 AM VCP-410 says:
Thank you for taking the time to publish this information, very useful!
