NEW INVESTMENT: Volition Capital Invests $10.5M in Screenverse  Read More

VOLITION NEWS: Pete Lamson Joins Volition Capital as COO & Head of Portfolio Operations  Read More

NEW INVESTMENT: Volition Invests $20M in HALO  Read More

VOLITON NEWS: Volition Capital Named a Top Growth Equity Firm of 2023 by GrowthCap  Read More

NEW INVESTMENT: Volition Invests $10M in Relish  Read More

2 MIN READ

Securonix in TechRepublic: How Next-Gen Cloud SIEM tools can give critical visibility to companies for effective threat hunting

Article originally published in TechRepublic by Scott Matteson

As a system administrator, I had quite a tech support ordeal the other day in which I found myself unable to access my company portal via the VPN connection from my home office. It took some time to get sorted out, during which the analyst I worked with apologized profusely, explaining they had had to implement some extremely rigorous security mechanisms to protect the company as nearly all of our employees work remotely.

That’s a common theme now as the pandemic continues to rage on, and entire disciplines are being implemented to address these security concerns yet also allow workers to remain productive.

I spoke to Augusto Barros, VP of solutions for Securonix, a security analytics and operations provider, to find out more about the available solutions to this worldwide challenge.

Scott Matteson: What are the challenges in dealing with prevalent threats to virtual workforces?

Augusto Barros: Security teams are no strangers to an ever-changing threat landscape. However, like the rest of the world, they were unprepared for the overwhelming onslaught of new challenges that resulted from the COVID-19 pandemic.

The SOC triad, i.e., the combination of network detection response (NDR), security information and event management (SIEM), and endpoint detection and response (EDR), traditionally enabled security teams to gain insight into threats against their on-prem environments. 

However, at the beginning of the COVID-19 pandemic, companies rushed to rapidly deploy solutions to enable remote work, significantly compromising SOC teams’ visibility and access to telemetry across data sources. Not only did this render teams blind to many new and emerging threats that have resulted from this scenario, but it also hindered their ability to determine a baseline for normal user behavior.

This new reality has also challenged traditional on-premises SIEM tools, which are struggling to collect the logs from all the newly deployed solutions. This immense amount of data requires many collection changes and updated content to address an emerging and unique group of threats.

Read the full article here.

ALL ARTICLES
BACK TO TOP

Consent(Required)
This field is for validation purposes and should be left unchanged.

Consent(Required)
This field is for validation purposes and should be left unchanged.

Consent(Required)
This field is for validation purposes and should be left unchanged.

Consent(Required)
This field is for validation purposes and should be left unchanged.