August 30, 2021

Idea: Product/Tool to consolidate data from security vendor dashboards into a data warehouse?

# It seems a typical Fortune 500 company has too many security vendors, tools and dashboards deployed in the specific areas below:

1. Host Intrusion Detection
2. Runtime Threat Defense
3. File Integrity Monitoring
4. Kubernetes Security
5. Anomaly Detection
6. Cloud Compliance
7. Vulnerability Management
8. Firewalls
9. NTA

How does a Security Operations Center deal with data from so many dashboards that are not correlated with one another?

I am planning to build a tool that periodically queries all the APIs of the various vendors, normalizes and correlates the data based on host or VM id, and dumps it into a data warehouse (Snowflake) or S3 for deeper analysis by experts.

In addition to that, one can build a knowledge graph connecting everything we know about a particular node/key pair/certificate and understand/visualize the CVE/blast radius of various applications, if all this data is consolidated in one big data platform.

Is there any tool/product that does what I am asking for?
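As an added example (not code from the original post), the sketch below shows the pull-normalize-correlate pipeline the post describes, plus the certificate knowledge graph used for blast radius. The vendor API responses are constructed inline and their field names (`cloud_id`, `alerts`, `deployed_on`, and so on) are assumptions for illustration, not any real vendor's schema; the hostname-to-VM crosswalk stands in for the cloud inventory or CMDB that a real deployment would query.

```python
import json
from collections import defaultdict, deque
from typing import Dict, List, Set, Tuple

# Constructed sample API responses. Field names are assumptions for illustration,
# not any real vendor's schema. Note the scanner keys on cloud instance id while
# the HIDS keys on hostname: that mismatch is the normal case, not the exception.
VULN_API = json.dumps({"results": [
    {"asset": {"cloud_id": "i-0a1"}, "cve": "CVE-2021-0001", "cvss": 9.8},
    {"asset": {"cloud_id": "i-0b2"}, "cve": "CVE-2021-0002", "cvss": 5.3},
]})
HIDS_API = json.dumps({"alerts": [
    {"hostname": "web-1", "rule": "suspicious_shell", "level": "high"},
    {"hostname": "db-1", "rule": "fim_change", "level": "medium"},
    {"hostname": "orphan-9", "rule": "fim_change", "level": "low"},
]})
CERT_API = json.dumps({"certificates": [
    {"fingerprint": "sha256:AAA", "deployed_on": ["i-0a1", "i-0c3"]},
    {"fingerprint": "sha256:BBB", "deployed_on": ["i-0b2"]},
]})
# Assumed crosswalk from hostname to canonical VM id (from cloud inventory / CMDB).
HOSTNAME_TO_VM = {"web-1": "i-0a1", "db-1": "i-0b2"}
# Map vendor-specific severity words onto the 0-10 scale CVSS already uses.
LEVEL_TO_SCORE = {"low": 2.0, "medium": 5.0, "high": 8.0, "critical": 10.0}

Node = Tuple[str, str]  # ("host", vm_id) or ("cert", fingerprint)


def normalize_vuln(raw: str) -> List[dict]:
    """Scanner results -> common finding schema keyed on canonical host id."""
    return [{"host_id": r["asset"]["cloud_id"], "source": "vuln", "kind": "cve",
             "id": r["cve"], "severity": float(r["cvss"])}
            for r in json.loads(raw)["results"]]


def normalize_hids(raw: str) -> List[dict]:
    """HIDS alerts -> common schema; hostnames are resolved through the crosswalk."""
    out = []
    for a in json.loads(raw)["alerts"]:
        vm = HOSTNAME_TO_VM.get(a["hostname"])
        if vm is None:
            continue  # in practice: park in an 'unmatched' table rather than drop silently
        out.append({"host_id": vm, "source": "hids", "kind": "alert",
                    "id": a["rule"], "severity": LEVEL_TO_SCORE[a["level"]]})
    return out


def correlate(*finding_lists: List[dict]) -> Dict[str, List[dict]]:
    """Join every source on the canonical host id."""
    by_host: Dict[str, List[dict]] = defaultdict(list)
    for findings in finding_lists:
        for f in findings:
            by_host[f["host_id"]].append(f)
    return dict(by_host)


def cert_graph(raw: str) -> Dict[Node, Set[Node]]:
    """Bipartite adjacency host <-> certificate: hosts sharing a cert share a key pair."""
    adj: Dict[Node, Set[Node]] = defaultdict(set)
    for c in json.loads(raw)["certificates"]:
        cert: Node = ("cert", c["fingerprint"])
        for vm in c["deployed_on"]:
            host: Node = ("host", vm)
            adj[host].add(cert)
            adj[cert].add(host)
    return dict(adj)


def blast_radius(cve: str, vulns: List[dict], adj: Dict[Node, Set[Node]]) -> Set[str]:
    """Hosts reachable (transitively) via shared certificates from any host carrying `cve`."""
    seeds: Set[Node] = {("host", f["host_id"]) for f in vulns if f["id"] == cve}
    seen, queue = set(seeds), deque(seeds)
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return {name for kind, name in seen if kind == "host"}


def warehouse_rows(by_host: Dict[str, List[dict]]) -> List[str]:
    """One NDJSON line per finding, the shape a Snowflake stage or S3 load takes."""
    return [json.dumps(f, sort_keys=True) for vm in sorted(by_host) for f in by_host[vm]]


if __name__ == "__main__":
    vulns, hids = normalize_vuln(VULN_API), normalize_hids(HIDS_API)
    by_host = correlate(vulns, hids)
    for vm, findings in sorted(by_host.items()):
        print(vm, "max severity", max(f["severity"] for f in findings), [f["id"] for f in findings])
    print("blast radius CVE-2021-0001:", sorted(blast_radius("CVE-2021-0001", vulns, cert_graph(CERT_API))))
    print("\n".join(warehouse_rows(by_host)))
```

The join only works because every normalizer emits the same canonical id; most of the real effort in such a tool goes into the crosswalk (and into keeping it current when instances are recycled), not into the vendor clients. Dropping unmatched hosts, as the HIDS normalizer does here, is the wrong default for production: route them to a separate table so coverage gaps are visible.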

Comments

WolfrunnerFenrisson

So all of the tools a SOC monitors can be configured to log to an external source, and they usually can log in at least the syslog format; the better tools also support JSON and XML.

Those sources can be a SIEM, or Splunk, Elastic, or another central log store. Most central log store solutions have built-in functionality to perform correlation and have dashboard-creation functionality.
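To illustrate the comment's point about tools logging in syslog or JSON and a central store correlating them, here is an added example (not from the commenter or any vendor) that ingests one RFC 5424 syslog stream and one JSON-lines stream into a common event shape and runs a simple time-window correlation rule across them. The log lines are constructed; the tool names `hids` and `fim` and the `rule=` key/value message convention are assumptions.

```python
import json
import re
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Constructed sample lines: one tool emits RFC 5424 syslog, the other JSON per line.
SYSLOG_LINES = [
    "<132>1 2021-08-30T10:00:05Z web-1 hids 1234 - - rule=suspicious_shell user=www-data",
    "<134>1 2021-08-30T10:01:00Z db-1 hids 1234 - - rule=login_ok user=admin",
]
JSON_LINES = [
    '{"ts": "2021-08-30T10:00:40Z", "host": "web-1", "tool": "fim", "path": "/usr/bin/ls", "change": "modified"}',
    '{"ts": "2021-08-30T10:30:00Z", "host": "db-1", "tool": "fim", "path": "/etc/passwd", "change": "modified"}',
]

# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID STRUCTURED-DATA MSG
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d+)>1 (?P<ts>\S+) (?P<host>\S+) (?P<app>\S+) \S+ \S+ \S+ (?P<msg>.*)$")


def _ts(s: str) -> datetime:
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def parse_syslog(line: str) -> Optional[dict]:
    """Syslog line -> common event; PRI encodes facility*8 + severity (0=emerg..7=debug)."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    kv = dict(p.split("=", 1) for p in m["msg"].split() if "=" in p)  # assumed key=value message
    return {"ts": _ts(m["ts"]), "host": m["host"], "tool": m["app"],
            "event": kv.get("rule", "unknown"), "severity": int(m["pri"]) % 8, "fields": kv}


def parse_json(line: str) -> dict:
    """JSON line -> common event; no syslog severity, so default to 'notice' (5)."""
    d = json.loads(line)
    return {"ts": _ts(d["ts"]), "host": d["host"], "tool": d["tool"],
            "event": d.get("change", "unknown"), "severity": 5, "fields": d}


def ingest(syslog_lines: List[str], json_lines: List[str]) -> List[dict]:
    events = [e for e in map(parse_syslog, syslog_lines) if e is not None]
    events += [parse_json(l) for l in json_lines]
    return sorted(events, key=lambda e: e["ts"])


def correlate_window(events: List[dict], first: str, second: str,
                     window: timedelta) -> List[Tuple[str, datetime, datetime]]:
    """(host, t1, t2) where `second` follows `first` on the same host within `window`."""
    hits = []
    for i, a in enumerate(events):
        if a["event"] != first:
            continue
        for b in events[i + 1:]:
            if b["ts"] - a["ts"] > window:
                break  # events are sorted, nothing later can match
            if b["host"] == a["host"] and b["event"] == second:
                hits.append((a["host"], a["ts"], b["ts"]))
    return hits


if __name__ == "__main__":
    evts = ingest(SYSLOG_LINES, JSON_LINES)
    for h, t1, t2 in correlate_window(evts, "suspicious_shell", "modified", timedelta(minutes=2)):
        print(f"{h}: suspicious shell at {t1:%H:%M:%S}, file modified {int((t2 - t1).total_seconds())}s later")
```

The same rule expressed in a SIEM's query language is what the comment means by built-in correlation; the point of showing it in code is that it only works because both streams were normalized to the same `host`, `ts` and `event` fields first, which is where most of the integration work lands.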
