How security observability can help you fight cyber attacks
Security observability uses the external outputs of a system, its logs, metrics, and traces to infer risk, monitor threats, and alert on breaches. Security professionals use this close observation of system behavior to detect, understand, and stop new and unknown attacks.
By borrowing concepts from observability, security observability can enable a security operations team to understand risks and incidents in a more holistic way than the traditional “rapidly growing pile of notable events.”
In this Help Net Security video, Jack Coates, Senior Director of Product Management, Observe, discusses how security observability can give customers the power to identify attacks, the cost structure to afford security countermeasures, and the user experience to merge security use cases with operational use cases. It breaks the huge spend on tooling and people associated with more traditional SIEM approaches — and lets you see how systems and people interact over time.