In an article on Network World, author Jon Oltsik examines cloud-based security event management. SIEM has been around for about a decade and was originally built to capture, normalize, process, and correlate firewall and IDS logs. Now, however, it is used more extensively in areas like log management, security analysis and forensics, regulatory compliance, and risk management.
“I have an alternative suggestion for the security management industry; it’s called ‘cloud computing.’ Why not take advantage of the massive processing scale of, say, AWS and build a burstable hybrid-cloud application architecture for SIEM? The model certainly works, just ask Facebook games maker Zynga about architecting a distributed application architecture that leverages AWS for massive scale.”