The Hidden Costs and Challenges of Log Data Storage Using a SIEM

The following is an excerpt from our recent customer story, “How a Government Entity Switched to MixMode and Decreased Data Storage Costs by 50%,” in which you can learn how switching to MixMode helped save a large government entity from the ineffective threat detection capabilities and colossal log storage costs of their failed three-year-long SIEM and UBA deployment.

The Hidden Costs and Challenges of Log Storage Using a SIEM 

Their originally chosen third-party UBA/SIEM solution was dependent on rules-based alerts, queries and dashboards designed to provide threat intelligence. Because these SIEM and UBA deployments (like almost every other cybersecurity platform currently available) depended on historic log data to identify threats and anomalies, they were completely unable to predict future behavior or real-time threats.

With a platform like MixMode, which utilizes unsupervised AI and self-learning, these things would become possible.

MixMode identified active attacks and probes being missed by this piecemeal system, without relying on historic or aggregate log data, and examined their SIEM solution from two primary angles:

  • How much data the entity was generating.
  • How much incremental data storage was required because of vendor labeling.

Ultimately, MixMode found, the log-based SIEM approach resulted in five times the amount of data that needed to be stored, a cost that was passed along to the government entity. Essentially, the SIEM vendor, like all SIEM vendors, gathered data, labeled it (which expanded the size of the data stores), and sorted it so that their product would work, without communicating true anticipated storage costs from the start. 

In order to continue using the multiple log storage data repositories, which were proprietary to the SIEM and UBA vendors thanks to the extensive labeling, the government entity would need to pay exorbitant licensing and additive storage fees.

In some ways, the problems associated with log-storage-based SIEM solutions seem inevitable. Data is dynamic, ever-expanding and, if it’s not handled proactively, prone to overloading systems and system operators alike. MixMode customers know it doesn’t have to be this way.

MixMode leads with innovation. Clients gain access to predictive alerting solutions that empower them to access robust, game-changing security features without being gouged by an unethical pricing structure.

“MixMode has proven to be a far more effective platform than traditional cybersecurity tools, at a fraction of the cost,” explains Geoffrey Coulehan, Head of Sales and Alliances at MixMode. “Our customers achieve positive ROI with greater efficacy in identifying and addressing cyber threats by taking advantage of our Unsupervised AI and eliminating the need to store data in a redundant, proprietary format.”


*** This is a Security Bloggers Network syndicated blog from MixMode authored by Christian Wiens. Read the original post at: https://mixmode.ai/blog/the-hidden-costs-and-challenges-of-log-data-storage-using-a-siem/