As our team was researching the DOD’s big 700 Million RFP for their 20 Combat centers, we learned of the requirement that all security vendors selected must send their logs to a specific artificial intelligence/machine learning (AI/ML) driven NextGen SIEM. Intrigued, we asked, “What is a NextGen SIEM?” Having an understanding of SIEMs but only a minimal understanding of NextGen SIEMs, we did more research to see if there was a realized benefit to our IT enterprise clients or if it was just AI/ML “smoke’n’mirrors.”
We quickly learned that this same NextGen SIEM monitors the logs of all 5 branches of the military and is the premier detection platform for the DOD’s SIPRNet and NIPRNet. We requested to meet their executive team and were introduced to their CISO Pete Nicoletti. Previously the CISO of HERTZ, Nicoletti had invested heavily in fine-tuning a SIEM using IBM Watson’s machine learning to have it find anomalous behavior within log files. According to him, it led to frustration and disappointment.
What Is NextGen SIEM?
Nicoletti’s frustration with existing solutions took him on a journey that led him to the leading NextGen SIEM on the market. Because this solution was funded by DARPA grants, the company is organized into two teams: half of their team works solely on DARPA and US Navy AI projects that Nicoletti labels as “over the horizon” kind of projects. The other half is the Machine Learning/Analytics side, which Nicoletti heads up.
Their UI shows a bake-off in real-time, as they hook into whatever SIEM your organization utilizes today. The low-cost bolt-on solution utilizes your existing SIEM, and requires no new portal as it integrates with your existing ticketing platform.
This NextGen SIEM is the premier detection platform for the US Government because it sees more “0-day” threats than any other technology, and its precision delivers a drastic reduction in false positives (an average of 2%). Their solution serves as the correlation layer between all of your disparate alerting and monitoring tools and your security helpdesk layer tools. Few in the industry dispute that the US Government is the most attacked entity on the planet, so this performance is truly impressive.
Used by our combat soldiers to make decisions in milliseconds, this technology finds new threats faster than any other technology at the military’s disposal. Raytheon (the United States’ major defense contractor) hosted a 42-way head-to-head comparison across security detection platforms for their Federal customers, and this NextGen SIEM won hands down. Most organizations are constantly caring for and feeding their SIEM solution, at great expense, to find that delicate sweet spot. Instead, why not utilize 150 million dollars of DARPA research to improve your security posture?
So, what is this NextGen SIEM? It’s the very solution the US military already depends on to keep us safe from cyber attacks and one we strongly recommend CISOs or CTOs consider. And because we partner with them, we can integrate their tech into your infrastructure on your CEO’s timetable… which I’m pretty sure was yesterday!
Kristopher Taylor is VP of Cyber Security at 3 Tree Tech in Portland. He is a platform-agnostic tech researcher who transitions siloed organizations into automated DevOps-centric businesses. To get his help, message him right here.