Our editors curated this list of the biggest SIEM news items during the first half of 2021, as highlighted on Solutions Review.
Cybersecurity is one of the most critical industries in the modern digital age, rapidly growing as more organizations realize their own needs to defend against threat actors. The proliferation of cyber-attacks only continues to grow as well, with several high-profile ransomware attacks and data breaches serving as wake-up calls to businesses. Further, evidence suggests that customers abandon companies that suffer from data breaches en masse, as they no longer feel their data is safe with breached companies.
Part of Solutions Review’s ongoing analysis of the cybersecurity marketplace includes covering the biggest SIEM news stories which have the greatest impact on enterprise technologists. This is a curated list of the most important SIEM news stories from the first half of 2021. For more on the space, including the newest product releases, funding rounds, and mergers and acquisitions, follow our popular news section.
The Biggest SIEM News Items During the First Half of 2021
LogRhythm announced its acquisition of MistNet, a threat detection platform. MistNet provides cloud-based analytics to enhance visibility and threat hunting. According to a press release by LogRhythm, the acquisition expands the solution provider’s reach into the threat detection market and accelerates their entry into the XDR market.
According to the provider, “the acquisition [of MistNet] will allow LogRhythm to deliver intelligent, machine learning-based detection and response capabilities that incorporate network detection, user and entity behavior analytics (UEBA), endpoint detection and response data (EDR), and additional MITRE ATT&CK detections to solve current and emerging security and risk problems.” Additionally, the press release notes the acquisition will facilitate data collection.
SentinelOne announced its acquisition of Scalyr for $155 million in equity and cash. It appears that SentinelOne aims to use this deal to dive even more fully into the Extended Detection and Response (XDR) market.
Tomer Weingarten, co-founder and CEO of SentinelOne, commented on the acquisition. “Scalyr’s big data technology is perfect for the use cases of XDR, ingesting terabytes of data across multiple systems and correlating it at machine speed so security professionals have actionable intelligence to autonomously detect, respond, and mitigate threats.”
“This is a dramatic leap forward for our industry – while other next-gen products are entirely reliant on SIEM integrations or OEMs for point in time data correlation and response, SentinelOne uniquely provides customers with proactive operational insights from a security-first perspective. The combination of Scalyr’s data analytics with our industry-leading AI capabilities ushers in a new era of machine-speed prevention, detection, and response to attacks across the enterprise.”
Palo Alto Networks announced its intentions to acquire Bridgecrew, a developer-first cloud security company. According to a press release, Palo Alto Networks plans to spend $156 million in cash for the acquisition; the proposed acquisition is expected to close during Palo Alto Networks’ fiscal third quarter.
In a blog post, Chief Product Officer Lee Klarich stated the following concerning shift left security and the cloud: “To give you an idea of the current challenges faced by customers as organizations embrace the cloud, the number of developers rapidly pushing code into the cloud outnumbers the security professionals tasked with monitoring these changes for security issues by 10 to 1. As security teams mature their runtime security practices, this puts back-pressure on the developers to fix issues found after deploying to production. The imbalance not only risks delays in application deployments but also results in security missteps at the application development stage that may leave clouds exposed for attack and can be much more costly to fix when found after product release.”
The Microsoft Exchange Hack, covered previously in this article, continues to wreak havoc on businesses and governments around the world. Microsoft, working with RiskIQ, has been working tirelessly to close the discovered vulnerabilities. At the time of writing, the two solution providers closed 95 percent of all vulnerable or infected servers.
However, Check Point Research discovered the number of attempted attacks has increased tenfold as a direct result of the Microsoft Exchange Hack. 700 recorded attack attempts occurred on March 11, whereas over 7,200 occurred on March 15. Most of these targeted government and military networks, with the United States among the most targeted countries.
Deep Instinct announced raising $100 million in a Series D funding round. BlackRock led the funding round, with further participation from Untitled Investments, The Tudor Group, Anne Wojcicki, and existing investors. This brings total investment in the cybersecurity vendor to $200 million to date.
Guy Caspi, CEO of Deep Instinct, gave a statement with the announcement. “As we enter a new phase of hyper-growth, this investment round will significantly expand our go-to-market capabilities while at the same time increase our best-in-class deep learning research and product development groups. These groups will focus on further developing the company’s unique deep learning platform beyond endpoint into cloud, network, and storage to meet the accelerating needs of our customers in the face of more sophisticated threats and breaches.”
Exabeam announced raising $200 million in its latest funding round, a Series F growth round at a valuation of $2.4 billion. Owl Rock, a division of Blue Owl Capital, led the round, supported by existing partners. Additionally, Exabeam welcomed Michael DeCesare as its new CEO and President.
Mr. DeCesare gave a statement. “Exabeam defined the user entity and behavior analytics (UEBA) security technology category and is a leader in the security information and event management (SIEM) market. Innovation is in our DNA. We are reimagining the threat detection, investigation, and response (TDIR) problem with an open extended detection and response (XDR), offering automation and use case-specific content so security analysts can quickly defend against threats, which is a true game-changer for security teams.”
Those are our picks for the biggest SIEM news items during the first half of 2021. For more on Solutions Review’s market analysis, check out the SIEM Buyer’s Guide.