Selected SOC Technologies
Search Trends – 7th Dec 2018
Nadhem J. AlFardan, PhD
https://www.linkedin.com/in/nadhem
--------------------------------------------
Splunk, QRadar, LogRhythm and Exabeam are commercial log management and security analytics platforms that are in the 2018 Gartner “Magic Quadrant for Security Information and Event Management” report.
Although Elasticsearch is not in the Gartner report (hmmm, I wonder why!), the Elastic stack is an open source platform that has been adopted or is being considered by many organizations globally, mainly for log management, and in many cases for security analytics and threat hunting.
The “interest over time” output shows that most users search for the terms “Elasticsearch” and “Splunk”. Few searches are for “QRadar” and far fewer for “Logrythm” and “Exabeam”. Is that a good reflection/measure of how popular these technologies are?!
So why are Elasticsearch and Splunk on top?
Fewer searches for QRadar, Exabeam and LogRhythm
Trying to understand why ...
Elasticsearch is an open source platform. Hence you expect users to search the Internet for articles or answers to questions. Although Splunk is a commercial tool, a free version exists. In addition, Splunk has the concept of being an open platform that has a commercial licensing model. It is very common for Splunk users to search the Internet for answers to questions about Splunk.
QRadar, Exabeam and LogRhythm are commercial tools. Organizations might tend to reach out to the vendor instead of searching the Internet.
The term “splunk” leads the searches in the US, UK, Australia, Singapore, UAE, etc.
Why? What do these countries have in common?
The term “elasticsearch” leads the search in most of the countries.
Why?
It is interesting to note that 93% of the searches in China are for the term “elasticsearch”. In Russia, it is 72%. These are very high numbers.
Why? What do these countries have in common?
The search for the term “qradar” is 19% for the UAE, much higher than in other countries for the same search term.
Why?