By Byron Acohido
Security Information & Event Management, or SIEM, systems, like Splunk, generate logs of all network traffic. Threat data pours in from next-generation firewalls, endpoint security systems, intrusion prevention and detection systems and vulnerability management systems. A growing crop of threat intelligence vendors is coming up with innovations to make better use of this ocean of threat data.
The key to truly leveraging the vast amounts of threat data collected in business networks is, arguably, machine learning. I had a lively discussion with Liviu Arsene, senior analyst at endpoint security vendor BitDefender, at BlackHat. Give it a listen: