Hi dear professionals,
Can you share with the community 2-3 top pain points you've been experiencing during the Security Information and Event Management (SIEM) solution purchase?
How have you been able to overcome them, if at all?
Thanks for sharing your knowledge with other peers.
1. License models are not communicated transparently which makes planning complicated. You have to talk to multiple people at multiple vendors in several meetings to fully understand the cost scaling factors. That is quite time-consuming. You can overcome this when you just dictate price limits - yes you can actually do that.
2. Planning and conducting a PoC can be a challenge. Depending on how a PoC process is being setup by the vendor. You can overcome this if you ask for the PoC Procedure Plan right from the initial contact with the vendor and use it for internal planning.
Volume versus costs.
Using an intermediate (free) tool to store, transform data and forward only the sumarization (smartdata) of what really matters.
We've worked in SOC for many years. Here are a few pain points in SIEM solution purchases.