This content is part of the Security School: Improving security management with SIEM

The top five lies you may have heard about SIEM systems

SIEM technology is rapidly advancing but is no silver bullet against advanced persistent attacks. Mike Rothman corrects the top five lies and explains how a SIEM really works.

There's a lot of hype flying around regarding SIEM technology. In this podcast, TechTarget's Brandan Blevins and security pro Mike Rothman count down the top five lies circulating about SIEM. Rothman sets the record straight on many points, including whether new SIEM products are the holy grail when it comes to defeating advanced persistent threats and what role a SIEM device can really play when it comes to generating compliance reports. Rothman cuts through vendor hype about how easy SIEM is to install and trouble-free to manage and examines how it does, and does not, work with big data.

SIEM is no "set it and forget it" technology, Rothman explains, but it is incredibly valuable in a security architecture. What must be done, among other things, is to avoid falling for the SIEM hype, and focus on learning how to optimize it for a specific environment. The newest SIEM systems are vastly improved over older tools, but they perform best only when steered by people with the math and data skills required to tweak the rule sets and other elements.

Listen to the podcast to correct any misinformation you may have picked up about SIEM and learn how to get behind the wheel and steer this advanced tech in the right direction.


About the expert: Mike Rothman is president of Securosis, an independent information security research and consulting firm. Having spent over 15 years as an end-user advocate for global enterprises and mid-sized businesses, Rothman's role is to educate and stimulate thought-provoking discussion on how information security contributes to core business imperatives. Rothman previously was the first network security analyst at META Group, held executive level positions with CipherTrust and TruSecure, and was a founder of SHYM Technology.


This was last published in July 2014
