2020-08-18T04:30:00Z

What is the best SIEM tool for a large financial services firm?


Do you have recommendations for the best SIEM tool to invest in for a large financial services provider? What particular features of your recommended tool make it the best choice?

ITCS user
Guest
22 Answers

Top 5 Real User

Hello,


First off, look for a SIEM that offers customized content for financial services. Use cases such as SWIFT fraud, insider threat and data exfiltration, and trade surveillance are the sort of support you should be looking for.


I work for Securonix, and our solution has content tailor-made for the financial services industry. Specific financial services firms may have different requirements, but our prebuilt content provides broad coverage. Needless to say, I would recommend Securonix, but one aspect to consider with any solution - for financial services, the creation of new threats is much faster than for other industries. Consider a SIEM tool with strong analytics (UEBA) pedigree and good data ingestion and scaling capabilities.

2020-08-24T08:41:29Z
Top 5 Real User

I would take a long, hard look at IBM QRadar. The user behavior analytics will give you insight into insider activity. You will want to run CIS internals on your endpoints and get detailed logs using their WinCollect server functionality. Using that alongside something like Varonis and a decent DLP solution will give you complete insight into what your users are doing, when they did it, and what information was involved. Installing it is easy; configuring it is formidable, but the results will give you attribution and specificity. In addition, the capabilities of QRadar allow the development of specific use cases that will detect anomalous behavior and provide excellent IOAs and IOCs.

2021-01-04T14:51:41Z