Security Information And Event Management
There is a huge problem that is being misconstrued
Detection capabilities are not meeting organizational risk tolerance levels, and the solutions picked to solve this problem are often wrong. Companies invest large sums of money in SIEM products, and some have even fallen into a pattern of rip and replace every couple of years, blaming the SIEM products for a lack of detection. It is not uncommon for companies to deploy multiple SIEM products because of hierarchical structures or departments having separate budgets and authority.