Most companies don’t lack for security products, and that’s become a problem. Firewalls, IDS/IPSs, AV, and a host of other systems generate tons of logs and alerts, forcing security operators and admins to sift through piles of notifications to find relevant information during investigations.

Security Information and Event Management (SIEM) products came to market around 15 years ago to help with information overload by correlating events among disparate security devices, but they haven’t always delivered on their promise of greater visibility.

The startup Siemplify aims to pick up where correlation products leave off with threat analysis software that adds more context and visualization to speed response. In fact, the startup’s initial target market is companies that already have SIEM or log analysis tools in place.

“We are trying to make sense of security information and provide security ops with a platform to analyze data from all the sensors and systems, pinpoint threats, and quickly understand and respond to threats,” said founder and CEO Amos Stern in an interview. Stern says that while a SIEM aggregates alerts, his software provides context to help operations and analyst teams decide which alerts to respond to.

Siemplify is deployed as a virtual appliance and can run on premises or in the cloud. It combines big data analysis and machine learning to help sort through alerts and improve its ability to prioritize, and is built around Couchbase’s NoSQL database. It uses APIs to integrate with other security products, including SIEMs, vulnerability management tools, and threat intelligence feeds. It also integrates with Active Directory.