Today, applications run in many different environments: campuses, data centers, clouds, homes, factories and so on. Because the number of threats and attacks keeps growing, comprehensive security must be provided across a multi-cloud environment. With a huge volume of security events generated by a large number of devices, it is impossible to gain insight without a SIEM (Security Information and Event Management) system.
However, the volume of security events grows without limit, and each vendor or service sends its data in a different format; relying on an existing SIEM solution therefore incurs a large cost for both the system and its operation.
To address this issue, we believe a scalable architecture and solution are required to handle the explosion of cloud logs, optimize cost and make overall operation efficient. In this PoC, we introduce an architecture and a demonstration that maximize the ROI of cloud utilization in such a fast-changing environment.