No SIEM can deliver the security event data from Exchange,
SharePoint and SQL Server without middleware. It’s not the SIEM’s job to
address the complexities involved in collecting and translating that event
data. It’s certainly not the SIEM’s fault that it needs LOGbinder to bridge the
gap between the applications and a log management solution.
Some security analysts tell us that while monitoring the
security events from inside the application is vital, they don’t include
middleware in the initial budget because they didn’t know it was needed! This
is not good. The word still needs to get around. Include LOGbinder in the initial scope when evaluating a SIEM. See
here for the list of SIEMs
integrated with LOGbinder software.
We hear from security analysts just about every day, from
countries all over the globe. Most have found LOGbinder to be, not merely the
only solution for solving their huge application security log delivery problem,
but a welcomed source of added value to the mundane application security audit
collection process. The cost savings associated with manual application
security audit inspections and the risk mitigation more than cover the expense.