Applet

Security analytics News

View All News

Security analytics Get Started

Bring yourself up to speed with our introductory content

  • Will it last? The marriage between UBA tools and SIEM

    The failure to detect insider threats and a growing need to store and sort through massive amounts of data have drawn attention to user behavior analytics, sometimes called user and entity behavior analytics. According to Gartner, UBA tools deliver value for use cases such as compromised accounts, including stolen and phished credentials. They can also be used to find compromised systems and data exfiltration.

    Security platforms like data loss prevention, endpoint security and cloud access security brokers will increasingly layer or incorporate UBA features to help analyze alerts and make underlying technology more useful, according to analysts. SIEM and UBA are also converging, with SIEM vendors adding UBA tools and UBA vendors building SIEM systems.

    In this issue of Information Security magazine, we look at the dynamics around UBA and strategies for CISOs going forward. UBA vendors are releasing product suites targeted at security operations centers, today built around SIEM. What does the future hold for standalone UBA tools? We look at time to value and use cases, and help you sift through the noise.

     Continue Reading

  • Security analysis principles and techniques for IT pros

    The drive for greater security fuels IT more than ever, but fighting infosec threats depends on locating the right data sets and analyzing them efficiently. Continue Reading

  • Tactics for security threat analysis tools and better protection

    Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool. Continue Reading

View All Get Started

Evaluate Security analytics Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

View All Evaluate

Manage Security analytics

Learn to apply best practices and optimize your operations.

  • User behavior analytics leads the security analytics charge

    Will no longer playing by the rules help companies find insider threats? As user and entity behavior analytics gets closer to SIEM tools, enterprises take notice. Continue Reading

  • MSSPs add advanced threats as managed security services gain hold

    Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading

  • The managed security provider comes knocking

    A constantly evolving threat landscape and a deepening skills crisis has more enterprises looking to a managed security service provider for help handling some of their security requirements. The trend is expected to drive strong demand for MSSPs over the next few years, especially in areas like intrusion prevention and detection systems, distributed denial-of-service mitigation, unified threat management and security information and event management (SIEM). Estimates for the overall size of the global market over the next few years range from the low $20 billion to $35 billion. That makes it one of the fastest growing segments in the security industry. What are the factors CISOs need to consider when choosing a managed security provider and what are some best practices for getting the most out of these relationships?

    Enterprises have a range of options for using such services, from managed on-premises or managed customer-premise equipment services to fully outsourced, cloud-hosted options. A hybrid security model has worked for Arlington County in Virginia. The local government's security operations center is managed by in-house engineers who inherently know the network and are better positioned to respond to SIEM alerts from the MSSP. "We preferred the hybrid approach because we had the seasoned staff available to perform this aspect of the security practice," CISO David Jordan said. "It's a positive and successful approach, and the results are repeatable."

    Much of the managed security provider growth is being driven by the need for increased security and compliance measures at small to medium-sized businesses. In this issue of Information Security magazine, we look at the evolution of the managed security provider and the best ways to handle these partnerships.

     Continue Reading

View All Manage

Problem Solve Security analytics Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

View All Problem Solve