SenSage Opens SIEM Data To Business Intelligence Tools

Security information and event management (SIEM) vendor SenSage has opened up its data to third-party business intelligence (BI) tools and dashboards, enabling organizations to leverage security data with business data analytics and create highly customized reports. The latest release (version 4.6) supports Open Database Connectivity/Java Database Connectivity (ODBC/JDBC) APIs, allowing integration of SenSage's data warehouse with BI products through SQL queries and/or the BI tools' more user-fr

February 4, 2011

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Security information and event management (SIEM) vendor SenSage has opened up its data to third-party business intelligence (BI) tools and dashboards, enabling organizations to leverage security data with business data analytics and create highly customized reports. The latest release (version 4.6) supports Open Database Connectivity/Java Database Connectivity (ODBC/JDBC) APIs, allowing integration of SenSage's data warehouse with BI products through SQL queries and/or the BI tools' more user-friendly query wizards.

"What I call vendor promiscuity," says 451 Group analyst Andrew Hay, "opens up opportunities for people to extract the data they need to get the job done and not be constrained by the vendor interface."

While SIEM vendors are known for their ability to import data from many sources and, in some cases, to open data to technology partners, they have not allowed their data to be pulled in on-demand using open standards. Hay thinks more SIEM vendors will move in this direction as long as they can protect their intellectual property.

This type of open-standards approach to information sharing, he says, opens up many possibilities in addition to porting data into BI tools, dashboards, and other reporting and analysis tools. For example, third-party vendors could leverage SenSage's scalable data warehousing capabilities if they lack their own. Or, enterprises could create Web applications to present highly focused dashboards to present, say, security information to a particular business division.

"Opening up the architecture to business intelligence tools is an opportunity to take what has been most useful in the business data analysis universe and bring it to the security universe," says SenSage president and CEO Joe Gottlieb. "It's a data mining problem. This brings the state of the art of data mining to security."Bringing security data into business intelligence should enable enterprises to bring more granular context to security analysis to better assess risk based on the potential business impact of a threat.

The 4.6 release also provides:

  • Expanded interoperability through industry APIs, with the ability to accept alerts from third-party products like IBM Tivoli and HP OpenView, leveraging open APIs such as SNMP as well as proprietary APIs such as Check Point LEA;

  • An updated analytics installer and log adapters with new views and source-specific reports;

  • Database storage for reporting history;

  • The ability to audit security administrator changes;

  • Improved SNMP Sender and Retriever, which acts as a bridge and can put all data onto a syslog stream; and

  • Support for RedHat 5.5


"This is an indication that the SIEM space is maturing," says Hay. "We can push a SIEM-style or LM product to the operational and hands-on security people and present them with this high level abstraction layer for business-focused risk and compliance."

See more on this topic by subscribing to Network Computing Pro Reports Research: WAN Security (subscription required).

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights