Managed SIEM – Reduce the Noise

August 26, 2014 Arctic Wolf Networks

Even a free solution is expensive in terms of your time and resources necessary for security event management. Adding more products, alerts and events does not always improve security – often it adds more noise that must be filtered out, or worse yet ignored. Investment of resources should be focused on managed SIEM solutions that reduce the noise to deliver results you can act upon to reduce risk.

Case in point: Watching open source security event management solutions and threat ratings within an IT community. Provided for free with platform integration, the impact on resources at first appears minimal. Then a stream of malicious IP ratings for known vendor web services appears, and you have time sink and increasing noise factors. Reactions range from turning off the solution to asking “Why,” which only increases the time invested.

Lack of context for the malicious IP ratings will raise more questions, followed by do-it-yourself advice on how to investigate. The time sinks get worse, frustration develops, and your risk profile remains unchanged. The net impact is that the “free” solution increases your noise factor and consumes valuable resources for security event management.

A more intelligent approach is to start with a goal of reducing your noise factor, increasing time-to-value, and improving resource utilization. You can obtain this with managed SIEM solutions acting as an extension of your IT security team. The service runs false positives to ground, works daily with the latest big data security tools, and is rewarded for finding intelligence you can act upon. This is a win-win solution, as the results save time and money and reduce risk.

[divider type=”space_thin”]
Tom Clare, Head of Corporate & Product Marketing
Arctic Wolf Networks
[divider type=”space”]

Previous Article
HP network security report highlights increased need for enterprise cybersecurity

This week HP released a report with the findings of a national survey of IT professionals, unveiling the mo...

Next Article
PlayStation Network knocked offline after being hit by cyberattack

Sony's PlayStation Network was knocked offline over the weekend after being hit by a distributed denial of ...

×

Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Company
!
Thanks for subscribing!
Error - something went wrong!