Is SIEM dead? If yes, in favor most of what? XDR or something else? If no, will it be one day and why do you think so?

Security & GRC
3k views1 Upvote4 Comments
Senior Information Security Manager in Software, 501 - 1,000 employees
No.

Most of the ones who say SIEM is dead are those who have failed SIEM deployments.

SIEM is a major enterprise initiative and requires a lot of planning. Where SIEM fails is often due to firms thinking they can deploy and use it with a few clicks.

 
1
Information Security Officer in Government, 1,001 - 5,000 employees
I would say no to that, most SIEM's do take a process to implement especially those that require linux VM instances. On the long term horizon automation through AI notifications straight to your security console just might replace all current SIEM's.
CISO in Software, 10,001+ employees
It is far from dead.  Yes, they are evolving and are more than just log collection, correlation and analytics, but lets be realistic.  They are required for audits, compliance and forensics for historical purposes.  They are not forecasted to disappear any time soon.
1
CIO in Education, 51 - 200 employees
Despite assertions to the contrary, SIEM is not dead. SIEM is a different tool to EDR/XDR but it very much has a place in your infosec ecosystem. Some of the issues I've seen with SIEM adoption and use relate more to poor deployment / poor understanding of use cases and use case design / insufficient resourcing to help creating use cases / rulesets / dashboards / pricing models etc.

There's, by and large, almost always going to be a need for the ability to analyse and correlate logs to comprehensively investigate security incidents. SIEM fills other regulatory requirements too, and I prefer to see SIEM as an accompaniment to EDR/XDR capability rather than a tool that's replaced by EDR/XDR. 

Content you might like

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
42.1k views131 Upvotes319 Comments

Which of the following measures do you have in place to safeguard against ransomware attacks?

Security & GRCRisk ManagementCrisis Management

Cyber insurance with ransomware coverage44%

Law enforcement contact(s)44%

Ransomware response plan59%

Ransomware task force/team39%

Bitcoin account for ransomware payments14%

Disaster recovery site33%

Other (comment below)1%


572 PARTICIPANTS
1.8k views

Where do HR and other non-security/IT departments fit into your insider risk management strategy/program? What role do they currently play?

Security & GRCRisk ManagementThreat & Vulnerability Management+1 more
Read More Comments
4.4k views1 Upvote7 Comments

What is your organization's main driver to secure your mobile payment application(s)?

Security & GRC

Fraud mitigation19%

Protection of reputation and brand56%

Protection of consumer data19%

Regulatory or compliance requirements6%


171 PARTICIPANTS
797 views

How does your company handle AD accounts after a person leaves the company?  We have been changing the passwords, disabling them, and moving them to a separate OU, but I'm interested to hear if you do anything else.

Security & GRC
Product development engineer in Manufacturing, 201 - 500 employees
whattt
Read More Comments
1.2k views2 Comments