PORTFOLIO NEWS: TechCrunch: Duffl’s David Lin dishes on why traditional rapid grocery delivery is not working  Read More

BROADCAST: Consumers are ‘Frontloading’ Holiday Spending: Larry Cheng on Fox Business  Read More

TEAM NEWS: Tomy Han Ranked #24 on the Insider 71 rising-star VCs who shook up the industry in 2022  Read More

ANALYSIS: Rule of 40 Index, now live with time series data: Explore

VOLITION VIEWPOINTS: Five Ways to Build a Sustainable Execution Strategy (Hint: Be A Thermostat, Not A Thermometer)  Read More

TEAM NEWS: Volition Capital Vice President Claude de Jocas Named a 2022 Top Women Leader in Growth Investing  Read More

Volition Capital Announces Closing of Fund V with $675M in Capital Commitments: Volition Capital Announces Closing of Volition Capital Fund V, L.P. with $675M in Capital Commitments  Read More


Securonix in TechRepublic: How Next-Gen Cloud SIEM tools can give critical visibility to companies for effective threat hunting

Article originally published in TechRepublic by Scott Matteson

As a system administrator, I had quite a tech support ordeal the other day in which I found myself unable to access my company portal via the VPN connection from my home office. It took some time to get sorted out, during which the analyst I worked with apologized profusely, explaining they had had to implement some extremely rigorous security mechanisms to protect the company as nearly all of our employees work remotely.

That’s a common theme now as the pandemic continues to rage on, and entire disciplines are being implemented to address these security concerns yet also allow workers to remain productive.

I spoke to Augusto Barros, VP of solutions for Securonix, a security analytics and operations provider, to find out more about the available solutions to this worldwide challenge.

Scott Matteson: What are the challenges in dealing with prevalent threats to virtual workforces?

Augusto Barros: Security teams are no strangers to an ever-changing threat landscape. However, like the rest of the world, they were unprepared for the overwhelming onslaught of new challenges that resulted from the COVID-19 pandemic.

The SOC triad, i.e., the combination of network detection response (NDR), security information and event management (SIEM), and endpoint detection and response (EDR), traditionally enabled security teams to gain insight into threats against their on-prem environments. 

However, at the beginning of the COVID-19 pandemic, companies rushed to rapidly deploy solutions to enable remote work, significantly compromising SOC teams’ visibility and access to telemetry across data sources. Not only did this render teams blind to many new and emerging threats that have resulted from this scenario, but it also hindered their ability to determine a baseline for normal user behavior.

This new reality has also challenged traditional on-premises SIEM tools, which are struggling to collect the logs from all the newly deployed solutions. This immense amount of data requires many collection changes and updated content to address an emerging and unique group of threats.

Read the full article here.