Cybersecurity is constantly evolving in response to emerging threats, customer demands and technological breakthroughs. Nowhere is this transformation more apparent than in the domain of security logging and analytics. Since the term SIEM — or security information and event management — was first coined in 2005, the SIEM product category has adapted and reinvented itself multiple times, while subsuming a number of other technologies along the way.
Early SIEM tools laid the foundation for today’s full-featured threat detection and incident response platforms that now serve as the command centers for most enterprise SOCs. But while SIEMs have matured, adding an array of capabilities to outsmart adversaries, many are still shackled by decades-old architectures that hinder search speed, scale and efficiency. And now, a new wave of industry trends is set to upend the SIEM and log management markets once again. Let’s take a look at the changes forcing organizations to rethink their security logging strategies.