It's been almost a year since we wrote about the perils of mega-SIEM/SEM packages, and now it looks like industry analysts are starting to agree with us.
Take a look at the following Network World article entitled "SIEM tools come up short."
A key quote: "User interfaces were clunky, reports were incomplete, data parsing problems are still around, and when it came to trying to figure out what the heck was going on in our Windows environment, most products left us scratching our heads. (One could argue, however, that this is as much Microsoft's fault as
anyone else's.)"
Ouch! That left a mark.
It's a good thing for those organizations that there is at least one vendor that does Windows log management correctly. :)
We wonder if these mega-SIEM vendors have even gotten a handle on Vista, Server 2008, and the new EVTX log format. Something tells us the answer to that question is "no."
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment