1 Introduction
Security Information and Event Management (SIEM) solutions have been a key component of enterprise security infrastructure for nearly two decades. Even today they are still widely utilized as a centerpiece of a security operations center for a large enterprise or a managed security service provider. Unfortunately, in recent years SIEM solutions have lost a substantial part of their original appeal. Security experts have realized that just collecting all the security events across corporate IT systems is not nearly enough to maintain consistent visibility of the enterprise security posture, to say nothing of being able to react to an incident in a timely manner.
Factors like the increasing number and sophistication of cyber threats, the adoption of cloud infrastructure and services and the notorious skills gap leading to a massive shortage of security experts contribute to the overwhelming cost and complexity of operating a SIEM platform as a hub for security telemetry from a multitude of standalone security products. Some experts were even quick to proclaim SIEM dead. It is completely unsurprising that customers are looking for a new generation of security operations solutions, ones that replace complex and inefficient collections of disjointed tools with a tightly integrated platform providing full real-time visibility into all security activities within the corporate network.
Such a platform should not just collect security telemetry from external sources, but enable intelligent bidirectional integrations with critical IT systems like Active Directory, support real-time monitoring and auditing across on-prem and the cloud, and support analysts in identifying and mitigating malicious and suspicious activities. On top of this, organizations now expect security tools to speak the language of business, providing clear security KPIs and compliance reports for regulatory frameworks like GDPR.
ManageEngine is the enterprise software division of Zoho Corporation, an international software development company. Founded in 1996, Zoho Corporation currently offers hundreds of applications to over 50 million customers worldwide. By 2009, the company’s portfolio had become so broad and diversified that the company was split into three divisions, with ManageEngine responsible for IT management software.
Headquartered in Pleasanton, California, with software development and operations happening out of Chennai, India, the company develops a broad range of IT service management products, as well as various security and analytics solutions. With over 90 affordable and even free tools, ManageEngine provides over 180,000 customers around the world with solutions for managing IT operations for endpoints, servers, networks, and the cloud, as well as security tools for desktops and mobile devices.
ManageEngine’s solution for the shortcomings of “traditional” SIEM products is Log360 – a tightly integrated SIEM product suite that combines general-purpose log management capabilities with specialized monitoring and analytics solutions for Active Directory, Microsoft Exchange and Office 365. Augmented with optional advanced capabilities like behavior analytics, threat intelligence and data loss prevention, the solution offers an easy, flexible, and affordable alternative to a monolithic SIEM. Incident management, automated mitigation workflows, and proactive security functions elevate Log360 to a full SOC platform for a company looking for a more affordable alternative to a managed service.