Big Data is not only a challenge for customer-facing organizations—but for security teams as well. Over the past decade, the demand for stronger security has driven the collection and analysis of increasingly larger amounts of event and security contextual data. Security Information and Event Management (SIEM) has long been the core tool that security teams have depended on to manage and process this information.
However, as security data volume has grown, relational and time-indexed databases that support SIEM are struggling under the event and analytics load. Legacy SIEM systems have raised doubts about the potential success of SIEM implementations due to their slow performance, inability to manage data effectively, and the extremely high costs associated with scaling. This paper addresses the Big Security Data challenge and highlights the key criteria organizations need to consider for processing security information in light of today’s dynamic threat landscape.