While organizations are still relying heavily on log management or SIEM platforms, only a small percentage are confident about their ability to analyze large data sets for security trends, according to the newly released SANS Security Analytics Survey.
Guidance Software recently co-sponsored the survey, which examines awareness and use of analytics and intelligence to augment current monitoring practices, with Hewlett-Packard, Hexis Cyber Solutions (a KeyW Company), LogRhythm, and SolarWinds.
Highlights of the SANS survey include:
- Many organizations are still dependent on log management (49 percent) and SIEM platforms (47 percent)
- Only 17 percent are using advanced threat intelligence and profiling databases
- Just 10 percent felt confident that their organizations have the ability to analyze large amounts of data
- 77 percent are collecting logs and monitoring data from various systems and security devices
These results tell us that the market is in need of analytics and intelligence wrapped around the data that is being (and can be) collected in respondent organizations. In order to survive, enterprises must implement proactive security measures, like systems that provide visibility into anomalous behavior across all endpoints of the network. EnCase® Analytics was developed for precisely this purpose.