Date Added: Jun 2010
One is worried about data breaches or maybe one is working toward PCI-DSS, FISMA or HIPAA compliance. One likely has some combination of firewalls, vulnerability scanners and AV software in place, but these systems generate more information than one can act on, and are completely siloed from each other. One knows they need to address the compliance requirements for log collection, but how does one turn all that information from all their different systems' logs into usable information? Also, from that information, one wants to be able to easily investigate and quickly respond to suspicious incidents that occur on their network. On top of that, one doesn't want to spend a lot of time and money on products that don't end up addressing their needs.