Building SIEM for the Cloud? You Need to Know the Cloud.

Today’s innovating companies are increasingly moving to public cloud environments to manage their mission-critical applications. In fact, 83% of enterprise workloads will be in the cloud by 2020 (1).


So, what does that mean for security?


With the expansion to the cloud, organizations are actively reviewing their security needs across the ecosystem of people, processes, and technology that protects the data and applications operating in the cloud.

In the technology category, security incident and event management (SIEM) platforms play a key role. To accommodate enterprise adoption of cloud computing, SIEM solutions are enhancing their capabilities to support hybrid and multi-cloud environments. However, cloud computing is complicated: its architecture, and the processes required to ingest and correlate its data, differ markedly from those involved in developing SIEM for on-premise environments.


In short, SIEM architects need to know the cloud to build for the cloud.


Ultimately, the performance of SIEM platforms that are built to support cloud infrastructure relies on a strategy of recruiting and engaging industry experts who have deep cloud domain expertise.

Cloud expertise is essential in developing a successful SIEM, one that includes advanced analytics expressly designed to process the constantly changing, high volume of data unique to AWS and Microsoft Azure cloud environments.

When looking for a SIEM solution to support your cloud infrastructure, assess the vendor’s knowledge of designing for cloud environments. Do they have the experience?

One tell-tale sign to look for is a vendor with a solution that is built in the cloud, with a cloud-native architecture, and designed for multi-cloud environments. A cloud-native solution is a strong indicator that the vendor has leaders on the team with in-depth cloud experience: leaders who can not only navigate the nuances of designing for the cloud but who are also adept at optimizing the solution’s efficiency in supporting cloud environments.


Learn more about JASK’s multi-cloud SIEM capabilities.


1) Forbes. 83% of Cloud Workloads Will Be In The Cloud By 2020. January 2018.


About the Author

Ken Liao is the Vice President of Product Marketing at JASK. With over 13 years of experience in information security, he is responsible for bringing JASK’s solutions globally to market. Ken holds a Bachelor of Science degree from the University of California at Berkeley.

