You don’t have to be in the business of delivering software in the cloud to realize that SaaS-based services and cloud systems are rapidly replacing on-premises systems all over the enterprise – everything from payroll to customer invoice settlements. Multi-cloud environments (e.g. AWS, Azure, GCS, and other hybrid IT services) further open up the threat surface, as potential compromises can pour in from multiple sources.
The cloud-based SIEM must become a universal, multi-tenant view of all hybrid IT: on-premises systems, public cloud and private cloud resources, with enterprise-wide monitoring, authorization and analytics that span all connected applications, user endpoints, and events.
This paper will discuss how security teams are turning the tables on a difficult-to-pin-down enemy through better recognition and categorization of threats in the wild, and a highly predictive SIEM platform for detection and response.