March 20, 2019
Did you know that Microsoft is a security vendor? No, it’s true. For years, the company was hammered by negative public perception and was the butt of jokes around the 2002 "trustworthy computing" memo. The company has steadily invested in developing a security mindset, and the product results are now more visible to the public. Noteworthy announcements include Windows-as-a-service, designed to update the core operating system against ever-evolving threats, and more recently, the beta test of Azure Sentinel, billed as a cloud-based SIEM (security information and event management) platform.
What does it all mean to the buyer of SIEM and EDR (endpoint detection and response) platforms? Well, for one thing, it surely means a significant competitor. Buyers who gravitate towards platform buys and can self-serve their security needs will now have a new option. In the EDR space, this means those considering big-name vendors such as Carbon Black, SentinelOne, Tanium, and the like, will begin evaluating Windows Defender ATP.
In a similar vein, the Azure Sentinel platform takes aim at big-name standalone SIEM vendors such as IBM QRadar, Micro Focus ArcSight, Exabeam, and LogRhythm. If you were able to mount a defense of your network using such high-end solutions, why then there is yet another platform.
But wait, is the real problem the lack of a scalable cloud-based platform? Notice platform has been in italics throughout the article. Is the lack of a scalable, cloud-based platform the main obstacle to better security for the typical business? Not really. If you gave away a free license to any of these big-name products to a typical MSP (managed service provider) or medium-sized enterprise, it still wouldn't improve security much and wouldn't generate the hoped-for outcome. You know why, it’s mad skillz and process discipline along with scalable, preferably hosted technology, that is needed. And of course, the global IT security skill shortage affects everyone, MSP and end-buyer alike.
Recognizing this core problem many years back, EventTracker introduced SIEMphonic for the Enterprise and Essentials for the MSP. This month, we introduced EventTracker EDR, a managed service built on the same technology and services foundation. Hosted in a U.S. datacenter plus mad skillz delivered from a 24/7, ISO 27001 certified SOC (security operations center). Everything we do is based on our core concept that repeatable, consistent, scalable security outcomes are only possible when you meld best-in-class technology with disciplined subject matter experts.
So, do you want to buy more technology? Or do you want outcomes?
P.S. The recent S-1 filing by Lyft says: "We believe that the world is at the beginning of a shift away from car ownership to Transportation-as-a-Service or TaaS. Lyft is at the forefront of this massive societal change. Car ownership has economically burdened consumers. U.S. households spend more on transportation than on any expenditure, other than housing. On a per household basis, the average annual spend on transportation is over $9,500, with the substantial majority spent on car ownership and operation."
Now substitute car ownership in the above paragraph with SIEM or EDR ownership. The as-a-service concept is here to stay.
P.P.S. The filing also says: "The average cost of a new vehicle in the United States has increased to over $33,000, which most American households cannot afford."
Is that your situation with SIEM and EDR technology? If so, relief is at hand. Learn more about our Zero to SOC approach to co-managed security.