November 22, 2021

EP44 Evolving a SIEM for the Future While Learning from the Past



Topics covered:

  • What are your views on modern SIEM? What should it do and what should it be?
  • Should it even be called SIEM?
  • Is SaaS/cloud-native SIEM the only way to go?
  • Can anybody build a SIEM in the cloud by installing the regular SIEM on IaaS?
  • What are the top challenges for organizations deploying and operationalizing SIEM today?
  • What are some hidden or commonly forgotten costs for a SIEM deployment?
  • Is open source the answer to SIEM?
  • SIEM today should deliver on detection, hunting and investigation use cases, so what does it mean in terms of practical data retention?

