Cisco Leverages Open-Source Kibana to Power OpenSOC Analytics
At first glance, OpenSOC might appear to be a SIEM (Security Information and Event Management) system, but according to Annie Ballew, Solutions Architect in the Cisco Security Business Group, it isn't a SIEM technology in the traditional sense. Rather, Ballew said, OpenSOC should be considered a big data technology for security analytics.
"Our goal is to push the technology forward for overall security incident investigation and visibility by leveraging advanced big data techniques," Ballew said. "OpenSOC does provide SIEM-like capabilities, but it also incorporates forensics capabilities, enables machine learning and analytics, and rapidly applies external information sources to security and network telemetry as it comes in."