Google’s Backstory SIEM Offers Unprecedented (but Potentially Risky) Data Collection Capabilities
Chronicle’s Backstory marks Google’s first foray into the SIEM industry by introducing a SIEM that claims full data retention “forever.” Organizations must weigh the benefits of Backstory’s cloud-based SIEM against their perceptions of Google’s data collection practices.
Backstory will use the data it collects from customers to build more sophisticated analytics, which may affect the privacy of data users and complicate data ownership.
Rather than store a company’s logs on-premises, Backstory enables users to store their security telemetry via a cloud service built as a specialized layer on top of Google’s core infrastructure. Although Chronicle is not necessarily a part of Google, as it is subject to separate legal and privacy agreements, organizations may still remain suspicious of storing corporate data with Chronicle.
While Chronicle claims that it improves an analyst’s capabilities to find and respond to threats by providing petabytes of their own data without requiring them to write rules or queries, the decision to store all of an organization’s data that was ever created might raise concerns over data ownership and data retention. Nevertheless, the massive amount of data that Backstory can collect represents an impressive development in what current SIEM storage and machine learning may be capable of, and could very well be a game-changer for the SIEM market.
Organizations should do their due diligence whenever they commit to any SIEM platform, and Chronicle’s Backstory should be no different. While Backstory’s link to Google offers significant advantages to organizations, such as speed and a massive amount of historical data on security threats, it may or may not be right for an organization’s level of acceptable risk around how its data is stored and used.
Further, organizations should keep in mind current and upcoming regulations such as GDPR and CCPA that generally require specific data retention policies that might complicate Backstory’s claims that it can retain data forever.