correlation engine


AI, cyber terrain analytics improve hybrid multicloud security

#artificialintelligence

Typical hybrid cloud IT integration strategies have fundamental design flaws that CIOs and CISOs need to address if they're going to avert another attack on the scale of SolarWinds. The design flaws are evident in existing approaches to integrating public and private clouds with legacy systems. Inconsistent endpoint security and privileged access management have turned out to be highly penetrable and painfully lacking. The first two articles in this series explain how getting hybrid cloud security right is hard and how the SolarWinds hack exposed hybrid clouds' greatest weaknesses. This post lays out an approach to solve hybrid cloud security challenges today.


Rule As a Code -- SureLog Correlation Engine and Beyond

#artificialintelligence

SureLog SIEM is a security platform that differs from many SIEM products. The main difference is its correlation engine, for which you can develop your own logic in a high-level domain-specific language. There is no restriction on the logic, because you can also write it in Java, including machine learning, statistical methods and artificial intelligence. SureLog is also ready for the following ML libraries. SureLog's correlation engine includes a feature called Rule As a Code, in which a rule is expressed as code.


Which Generation of SIEM?

#artificialintelligence

There are many SIEM solutions available. Some of the ML/AI tools available use pure statistics for outlier detection, apart from the currently popular ML and AI algorithms. What is a tactical SIEM? If you are spending 80 percent of your time within a SIEM tool doing alert review and analysis, then you are on the right track. If you are an organization that is instead focusing heavily on collecting more data sources, applying patches, or running compliance reports, then your SIEM implementation may not be tactical. So correlation and alerting are the heart of a SIEM.