Malicious actors are increasingly utilizing highly targeted, customized attacks to infiltrate enterprise networks and steal valuable data. To counteract those threats, enterprises are turning to security products such as next-gen firewalls , or NGFWs, and mobile device management, or MDM, suites. That doesn't mean that enterprises should ignore stalwart technologies such as security information and event management (SIEM) products, though, says network security expert Karen Scarfone, principal consultant at Scarfone Cybersecurity.
In this video interview, recorded at Information Security Decisions 2013, Scarfone provides an overview of the current SIEM market. First, she discusses how SIEM products have changed over the course of more than a decade. She then details how SIEM can be utilized in the increasingly vital area of incident detection and response. Finally, she explains how the SIEM market is adapting to a couple of key shifts in the enterprise security landscape, including the utilization of dynamic detection techniques and enterprises' increased desire for cloud-based deployments. SIEM technology may not be new anymore, but it can still play a role in security for today's corporate networks.