Gravwell Upgrades Community Edition to help users explore and gather deeper insights about their data at no additional cost.
Read Press Release
The State of Cybersecurity Data
We surveyed cyber professionals to find out if and how they use enterprise data to solve their biggest cybersecurity challenges. Scroll down to see what they told us.
Here’s what we found out.
Companies worry about what they don’t know and missed alerts
And, after many many years, ransomware still strikes fear in almost a third of respondents.
They use a lot of tech
to solve these problems
SIEM continues to be the most-used technology, with EDR a close third.
55%
Security Information and Event Management
(SIEM)
52%
Extended Detection and Response (XDR)
27%
Extended Detection and Response (XDR)
19%
User and Entity Behavior Analytics (UEBA)
19%
Security Orchestration Automation and Response (SOAR)
16%
Endpoint Detection and Threat Response (EDTR)
14%
Security Data Lake
Less than half are currently using data science, more are planning on adding it.
Currently Using: 42%
Not Using: 36%
Planning on Using: 19%
No Plans: 3%
But only 14% are using a Security Data Lake.
But only 14% are using a Security Data Lake.
Less than half agree that their SIEM meets their expectations
And nearly a third disagree or still aren’t even using one. (That could be contributing to the “unknown unknown” and “alert fatigue” concerns above.)
And nearly a third disagree or still aren’t even using one. (That could be contributing to the “unknown unknown” and “alert fatigue” concerns above.)
Why?
19% Too Expensive.
Log management is a mixed-bag
Log management is a mixed-bag
And logs that are collected get dropped…
9%
Very Often
31%
Occasionally
30%
Unaware
30%
Not Dropping
Dropping logs sucks. But why are they doing it??
Why?
30% Too Expensive.
19%
Not Sure What we Don’t Ingest
23%
Technical Limitations
27%
Cross Team Functionality
They Should Be Using a Security Lake
Though only 14% reported currently using a security data lake today, installing one (like Gravwell) could take care of all these problems!
Gravwell’s all-you-can-send, no-limits model means you can send everything and keep it!
Gravwell simplifies your tech stack and increases team efficiency, allowing SecOps teams to focus on security, not on running software.
Gravwell beats traditional SIEMs on pricing, observability, investigation capability and performance.
Gravwell’s native automation engine lets you integrate with internal and external systems seamlessly (Say, bye-bye, SOAR).
And the great news is that you can get started with
Gravwell’s Community Edition for free!
Ready to make your security team even better? Gravwell is a whole new way to make sense of your data. Get your demo today to see how you can advance your mission without limits.
