Evaluate The Security Operations Company Symantec On Security Information And Event Management Now

When security teams hear "Symantec," they typically think of endpoint protection (SEP) or web gateways (ProxySG). But what about Security Information and Event Management (SIEM)?

Is it a true SIEM? And more importantly, can it compete? Here is an operational evaluation of Symantec for SIEM. To understand Symantec’s SIEM, you must understand its heritage. It came from Blue Coat (acquired by Symantec in 2016, then absorbed by Broadcom). When security teams hear "Symantec," they typically think

For years, Symantec (now part of Broadcom) has been a sleeping giant in the SOC. While Splunk, QRadar, and Microsoft Sentinel dominate the conversation, Symantec offers a different beast: (formerly Blue Coat Security Analytics). And more importantly, can it compete

In a modern SOC, you wouldn't replace your log aggregator with Symantec. Instead, you would use it as a next to your primary SIEM. Feed the alerts from Symantec into your main SIEM, but keep Symantec as the "video replay" system for deep investigation. It came from Blue Coat (acquired by Symantec