The original post: /r/cybersecurity by /u/elongl on 2024-12-23 12:57:14.

I like to keep myself updated with the latest news in our field, and I’ve been reading a lot about how data is going to rule security in the upcoming years.

I’m trying to wrap my head around what the future is going to look like and how Cloud-Native SIEMs, XDR platforms, and security data lakes are displacing legacy SIEM solutions.

In particular, I’m curious as to whether the idea of security lake platforms that hold all the security data and enable applications on top of it to utilize it will come true.

In all honesty, I’m not sure I understand how this is any better than modern SIEMs such as Panther or Hunters, which give you both the data layer and detection out of the box.

  1. Do you see any advantages to having that separation of storage and compute?
  2. Did you stumble upon a use case where you wanted to consume data in ways that SIEMs don’t support, such as custom AI/ML?

Let me know what you think.

Reading material: https://softwareanalyst.substack.com/p/the-evolution-of-the-modern-security