Between SIEMonster, ELK, & OSSIM, there are several options out there for open-source SIEMs.
But, is the juice worth the squeeze?
Between cloud-first strategies for SMBs & enterprises (many CSPs / IaaS providers offer add-on SIEM / ATP services) and the prevalence of MSSPs / SOCs, one may wonder whether open-source SIEMs will ever hit critical mass.
Regardless, someone keeps building these solutions. So, there is demand. Also, startups may want to crawl before they sprint regarding TVM & SecEng.