SAO vs. SIEM security suites: And the winner is…


Security information and event management (SIEM) suites offer organizations a security blanket against cyber attacks, but that blanket has become frayed for many SIEM shops.

As many as one in three SIEM owners are dissatisfied with their SIEM system’s performance, according to a report released in July by Osterman Research and Cyphort, maker of a threat detection, analytics, and mitigation platform.

“Moreover,” the report noted, “although most decision makers agree that their SIEMs help them identify the most serious security threats their organizations face, they mostly disagree that their SIEMs provide adequate scalability, threat investigation, and threat analysis capabilities.”

Managing a SIEM is also a sore point among some owners of the products. According to the report, two full-time equivalent staff are needed to manage a SIEM for every 1,000 users.

SIEM systems have enough shortcomings to lead information security teams to seek alternatives. One possibility for overcoming the drawbacks of SIEMs is security automation and orchestration (SAO) tools.

How do you know if you need a SIEM system?

Read the full article in TechBeacon, with comments from EventTracker’s CEO, A.N. Ananth.