Old friend and VP of marketing at Vectra Networks, Mike Banic, stopped by to discuss ESG’s security operations and analytics platform architecture (SOAPA) and its impact on cybersecurity. In part 1 of our discussion, Mike and I chat about:
- Why network telemetry is so important for security analytics. Mike reminds me that ‘the network doesn’t lie.’ In other words, cyber-attack kill chains are synonymous with network communications, so threat detection equates with knowing what to look for within network traffic patterns.
- SOAPA integration. While Vectra monitors and analyzes network traffic, SOC teams also analyze and interact with other security telemetry. SOAPA is all about bringing all of these discrete analytics tools together to provide a more holistic perspective on security status. Mike talks about areas where customers are asking for technology integration and how Vectra is responding on both incident detection and response.
- Adding value to the SIEM. SIEM tools remain a nexus of cybersecurity analytics and operations and thus an essential component of SOAPA. Mike says that many organizations rely on SIEM as a foundation for security operations processes, and Vectra helps streamline these processes with accurate analytics that can help provide a starting point for identifying the root cause of a problem.
- What about the cybersecurity skills shortage? I remind Mike that while organizations understand that they need better security analytics, they may not have the resources or skills to deploy complex new tools. Mike tells me that Vectra sees this issue firsthand and has tried to design its products for ease-of-use and accuracy to promote security operations productivity.
I always enjoy my chats with Mike; he’s both knowledgeable and entertaining. More in part 2 of the SOAPA video with Vectra Networks soon!