The simple solution to SIEM

Opinion by Dan Raywood

Last week I met with a company that introduced itself as a vendor in the 'change management' space.

Last week I met with a company that introduced itself as a vendor in the 'change management' space.

Figuring that change management was a new term for me, I spoke with UK and Ireland country manager of NetWrix, Aidan Simister, who said that despite only being at the company for five months, he was "passionate about the technology".

Explaining that change management was a stripped-down version of security information and event management (SIEM), Simister said there was a need for IT managers to understand what was going on inside the organisation.

“What we offer is not an SIEM package, it is software, so not a box which tells you what has been changed and to what technology in the IT infrastructure. If it looks like Active Directory then that is all the information you need; you print a report for the auditors, but it will not do intrusion detection or automated actions,” he said.

“What people want to know is what was changed, where and how. There are no boxes, so you can put this where you like; we want to keep this simple and give them what they want to know.”

The SIEM space has moved on in huge leaps over recent years, with NitroSecurity now part of McAfee (and therefore Intel), Q1 acquired by IBM and, perhaps most notably, ArcSight acquired by HP. Add in the introduction of business products from open-source favourite AlienVault, and you could argue that there is little middle ground in the space.

Simister told me that change management and auditing is "about doing it right" and there had been "a lot of hype over the last 18 months". He said: “SIEM is to prove that you know what is going on, and organisations are trying to bill themselves as doing that, but you can do it with a simple solution.”

He said that due to pricing, it had proved popular with the public sector, and he was personally keen on the channel. Currently NetWrix employs 70 people globally and has been established since 2006; and with this being the first move into the UK market, it comes with a strong message that should appeal to many.

After all, if major acquisitions and complex technology have frozen buyers out, then a back-to-basics solution may be what the sector needs.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events