Sounds like a handy tool for SIEM to solve a key problem:
IT managers are collecting all network and application data for security and compliance reasons, but the sheer volume of the data makes it difficult to detect problems in a timely manner or correlate events, Jerry Skurla, executive vice-president of marketing at NitroSecurity, told eWEEK. Many log-management tools are not effective or efficient, and can’t test or analyze all collected data, he said. He cited a 2010 data breach survey conducted by the Verizon RISK team in conjunction with the United States Secret Service that found 86 percent of data-breach victims had evidence of the breach in their logs, but they hadn’t been able to find the information in time.
But the key, as always:
“You tell us what is important to you, and we will show you the relevant information,” Skurla said.
If you don’t know what to watch for, you’ll still miss it.