{"id":448,"date":"2016-05-27T12:44:17","date_gmt":"2016-05-27T16:44:17","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=448"},"modified":"2016-10-25T10:52:51","modified_gmt":"2016-10-25T14:52:51","slug":"448","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/","title":{"rendered":"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation"},"content":{"rendered":"<p><span style=\"color: #000000\"><a class=\"j-author-name\" style=\"color: #000000\" title=\"EricJohansenCISSP\" href=\"https:\/\/www.slideshare.net\/EricJohansenCISSP?utm_campaign=profiletracking&amp;utm_medium=sssite&amp;utm_source=ssslideview\" rel=\"author\"><div class=\"column one-fourth\"><\/a><\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #000000\"><a class=\"j-author-name\" style=\"color: #000000\" title=\"EricJohansenCISSP\" href=\"https:\/\/www.slideshare.net\/EricJohansenCISSP?utm_campaign=profiletracking&amp;utm_medium=sssite&amp;utm_source=ssslideview\" rel=\"author\"><\/div><\/a><\/span><\/p>\n<div class=\"column half\"><p><iframe loading=\"lazy\" title=\"Security Analytics for Data Discovery - Closing the SIEM Gap\" src=\"https:\/\/www.slideshare.net\/slideshow\/embed_code\/key\/erf4VyjUBMXQbr\" width=\"427\" height=\"356\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen> <\/iframe> <\/p>\n<div style=\"margin-bottom:5px\"> <strong> <a href=\"https:\/\/www.slideshare.net\/EricJohansenCISSP\/security-analytics-for-data-discovery-closing-the-siem-gap\" title=\"Security Analytics for Data Discovery - Closing the SIEM Gap\" target=\"_blank\">Security Analytics for Data Discovery &#8211; Closing the SIEM Gap<\/a> <\/strong> from <strong><a href=\"https:\/\/www.slideshare.net\/EricJohansenCISSP\" target=\"_blank\">Eric Johansen, 
CISSP<\/a><\/strong> <\/div>\n<p><span style=\"color: #000000\"><a class=\"j-author-name\" style=\"color: #000000\" title=\"EricJohansenCISSP\" href=\"https:\/\/www.slideshare.net\/EricJohansenCISSP?utm_campaign=profiletracking&amp;utm_medium=sssite&amp;utm_source=ssslideview\" rel=\"author\"><\/div><\/a><\/span><\/p>\n<div class=\"column one-fourth last\"><\/div><div class=\"clear\"><\/div>\n<p>A presentation from\u00a0<a class=\"j-author-name\" style=\"color: #000000\" title=\"EricJohansenCISSP\" href=\"https:\/\/www.slideshare.net\/EricJohansenCISSP?utm_campaign=profiletracking&amp;utm_medium=sssite&amp;utm_source=ssslideview\" rel=\"author\">Eric Johansen, CISSP<\/a>\u00a0Sr. Solution Architect, Immediate Insight at Firemon<\/p>\n<p><em>&#8220;Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis <\/em>needs required<em> for incident response and hunting. It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis. <\/em><\/p>\n<p><em>In this session we\u2019ll explore new security analytics technologies \u2013 rapid search, natural language, pattern-based correlations, and unstructured data \u2013 that can extend the on-demand data analysis of the SIEM to improve threat hunting and accelerate incident response.&#8221;<\/em><\/p>\n<p>Presented at AusCERT: May 25, 2016.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A presentation from\u00a0Eric Johansen, CISSP\u00a0Sr. Solution Architect, Immediate Insight at Firemon &#8220;Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis needs required for incident response and hunting. 
It is too slow, difficult to use, and is often inadequately tuned or maintained to [&hellip;]<\/p>\n","protected":false},"author":24,"featured_media":449,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4],"tags":[218,57,22],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation<\/title>\n<meta name=\"description\" content=\"Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis\u00a0needs required\u00a0for incident response and hunting. It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation\" \/>\n<meta property=\"og:description\" content=\"Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis\u00a0needs required\u00a0for incident response and hunting. 
It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis.\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2016-05-27T16:44:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2016-10-25T14:52:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"638\" \/>\n\t<meta property=\"og:image:height\" content=\"359\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jeff Edwards\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeff Edwards\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/\",\"name\":\"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg\",\"datePublished\":\"2016-05-27T16:44:17+00:00\",\"dateModified\":\"2016-10-25T14:52:51+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\"},\"description\":\"Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis\u00a0needs required\u00a0for incident response and hunting. 
It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg\",\"width\":638,\"height\":359},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\",\"name\":\"Jeff Edwards\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"caption\":\"Jeff Edwards\"},\"description\":\"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.\",\"sameAs\":[\"https:\/\/solutionsreview.com\",\"https:\/\/x.com\/InfoSec_Review\"],\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jedwards\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation","description":"Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis\u00a0needs required\u00a0for incident response and hunting. 
It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/","og_locale":"en_US","og_type":"article","og_title":"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation","og_description":"Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis\u00a0needs required\u00a0for incident response and hunting. It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis.\u00a0","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2016-05-27T16:44:17+00:00","article_modified_time":"2016-10-25T14:52:51+00:00","og_image":[{"width":638,"height":359,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg","type":"image\/jpeg"}],"author":"Jeff Edwards","twitter_misc":{"Written by":"Jeff Edwards","Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/","name":"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg","datePublished":"2016-05-27T16:44:17+00:00","dateModified":"2016-10-25T14:52:51+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6"},"description":"Although SIEM has been the cornerstone of security data analysis for years, it has struggled to meet the data triage and analysis\u00a0needs required\u00a0for incident response and hunting. 
It is too slow, difficult to use, and is often inadequately tuned or maintained to be helpful for on-demand data analysis.\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/448\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Firemon-presentation.jpg","width":638,"height":359},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/448\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Close the SIEM Gap With Security Analytics for Data Discovery, A Firemon Presentation"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best 
Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6","name":"Jeff Edwards","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","caption":"Jeff Edwards"},"description":"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. 
He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.","sameAs":["https:\/\/solutionsreview.com","https:\/\/x.com\/InfoSec_Review"],"url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jedwards\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/448"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=448"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/448\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/449"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=448"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=448"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=448"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}