This resource is no longer available
Admins must regularly evaluate SIEM system capabilities. If an old suite still relies on occasional pattern recognition signature updates, does not manage hybrid environments well, does not support data aggregation well or purely focuses on one type of security, then those SIEM tools need an upgrade.
Vendors such as Splunk are upgrading their offerings to use cloud-based frameworks and are implementing artificial intelligence capabilities as a way to lower costs, accelerate implementation time and provide available data beyond logs.