In past blog posts I have often cited the need for a scalable event data warehousing capability to keep up with data collection and analysis requirements to address compliance and security operations. After hearing from dozens of customers about how they’re using SenSage to address their most critical security and compliance challenges, I’ve decided to focus less on event data warehousing and more on how our customers and partners are using SenSage. Towards the end of 2009, we searched for a way to net it out. In the end, it was pretty easy - Security Intelligence. This term sounds lofty at first, but once you learn how we think about it, I think you will find it very down to earth.

Of course, Security Intelligence is a variation of Business Intelligence or BI. BI solutions leverage the data management capabilities provided by data warehouses to deliver decision support information to business managers. Well, that’s exactly what Security Intelligence provides: essential decision support for security, risk management and compliance operations. Done right, Security Intelligence solutions are open, flexible, and scalable like traditional data warehouses while delivering deep security context.

Improved decision support is exactly what today’s security, risk management and compliance professionals are looking for. Detection and response to cyber-threats, regulatory compliance risks and investigating system failures all require thorough but simplified analysis of massive amounts of event data. Whether responding to an incident in real time or drilling through terabytes of related events to investigate the related context or improving a control, security professionals are asking for better decision support solutions.

As compared to Business Intelligence solutions, this is a bit of a niche play. These solutions are tailored to meet the needs of security, risk management and compliance professionals. But compared to the traditional SIEM and log management point products which are built on flat files, Oracle, or, worse, closed database management systems, Security Intelligence is a more flexible and sustainable approach.

SenSage is at the forefront of this technology, delivering Security Intelligence solutions that unify SIEM, log management and controls monitoring through a single analytics environment and data management architecture. Our customers are capturing the benefits of decision support in the security management context, leading to technology consolidation and process improvements not easily accomplished with the point products noted above.

We’ll be talking about Security Intelligence quite a bit in the coming months. Drop me a line, I’d love to hear your perspective.

permalink