By now it’s accepted that SIEM is a foundational technology for both securing a network from threats as well as demonstrating regulatory compliance. This definition from Gartner says: “Security information and event management (SIEM) technology supports threat detection and security incident response through the real-time collection and historical analysis of security events from a wide variety of event and contextual data sources. It also supports compliance reporting and incident investigation through analysis of historical data from these sources. The core capabilities of SIEM technology are a broad scope of event collection and the ability to correlate and analyze events across disparate sources.”
However, SIEM is not fit-and-forget technology, nor is it technically simple to implement and operate. In order to bring the benefits of SIEM technology to the small network, with a decade of experience behind us, we developed EventTracker Essentials to address the problems beyond mere technology. Here’s three specific advantages:
1) No hardware to procure or maintain
EventTracker Essentials is hosted in our Tier-1 data center freeing you from having to procure, maintain and upgrade server class hardware. Disk in particular is a challenge. Log data grows exponentially and while consumer disk cost is relatively inexpensive, the same cannot be said for business class disk cost.
2) More data? Fixed cost!
The hallmark of a successful SIEM implementation is growing volumes of data. Many SIEM solutions are priced based on log volume indexed or received (the so-called events per second). More data inevitably means more unforeseen cost. With EventTracker Essentials, you get simple t-shirt sizing (Small, Medium, Large) and you can leave both the cost and implementation of data storage to us.
3) Skill shortage
There is an African proverb that says, “It takes a village to raise a child.” In fact, it takes various skills to RUN and WATCH a SIEM solution. This specific problem is why many SIEM implementations become shelfware. Writing and tuning detection rules, performing incident investigations, and understanding how to search means that analysts need both security knowledge and specialized SIEM tool expertise. The IT Security space has zero unemployment, high staff acquisition costs and ongoing training costs. Buying a SIEM solution is easy. There are many providers and an end-of-quarter discount is always around the corner. Getting value from it? Not so much. With EventTracker Essentials, we start with a proper implementation (after all as Aristotle noted, well begun is half done) and then our 24/7 Security Operations Center escalates P1 events to your team.
EventTracker Essentials delivers visibility and detection across your enterprise. Not just technology…results!
We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.