You’ve got SIEM, you employ log management. You even have access and or identity management. Each performs a specific security function for your enterprise, but unless they are working across all your information silos and collaborating their collective capabilities, you still might have vulnerability gaps…like a thoroughbred running with blinders.
While trawling the blogs, feeds and news I came across an analyst’s article about best security practices in which he kept referring to “the stack.” And by this, he meant a multitude of various solutions that address certain security needs and capabilities; everything from email filtering, firewalling, authenticating, credentialing, logging and intrusion detection, etc…
And, if you read my blogs often enough, you know I am a big proponent of unified security. However, unified security is not a stack. It is easy to be confused as both look to utilize best of breed tools to prevent negative impact on IP assets. A stack references a number of technologies where each operates independently from one another. Single sign on by itself is a sufficient tool, but when operating alone in its own silo, important contextual information is lost.