"What I call vendor promiscuity," says 451 Group analyst Andrew Hay, "opens up opportunities for people to extract the data they need to get the job done and not be constrained by the vendor interface."
While SIEM vendors are known for their ability to import data from many sources and, in some cases, to open data to technology partners, they have not allowed their data to be pulled in on-demand using open standards. Hay thinks more SIEM vendors will move in this direction as long as they can protect their intellectual property.
This type of open-standards approach to information sharing, he says, opens up many possibilities in addition to porting data into BI tools, dashboards, and other reporting and analysis tools. For example, third-party vendors could leverage SenSage's scalable data warehousing capabilities if they lack their own. Or, enterprises could create Web applications to present highly focused dashboards to present, say, security information to a particular business division.
"Opening up the architecture to business intelligence tools is an opportunity to take what has been most useful in the business data analysis universe and bring it to the security universe," says SenSage president and CEO Joe Gottlieb. "It's a data mining problem. This brings the state of the art of data mining to security."