The convergence (or not) of security and operations event monitoring
Event monitoring is of interest from both a security and an operations perspective, but to date they have tended to be implemented separately with different toolsets. This joint interest has given rise to vendors and enterprises exploring the convergence of these two capabilities. Although overlaps in technologies, requirements, and processes exist, significant differences remain, which will impede full convergence indefinitely.
META Trend: Threat and vulnerability management integration will accelerate through 2004. While most organizations still focus on technology problems of intrusion control and count on improved detection, correlation, and prevention capabilities, advanced organizations pursue a more process-oriented approach (introducing a business perspective), which will evolve into comprehensive vulnerability life-cycle management in 2006/07. Demand for managed security services of various types (e.g., security monitoring, customized alerts) will increase, but despite vendor consolidation, maturity will lag for many disciplines through 2005.
By Chris King, Corey Ferengul, Paul Proctor at ZDNet.
[ Read more ]