Anyone using DNIF SIEM Solution, any feedback?(question posted on behalf of a CISO member) 

Views: 132

Reply to This

Replies to This Discussion

The below response is based on CISO Platform closed group discussion:

(private CISO member):

It is build on lucin platform, very quick for search, rules , analytics and threat hunting
Use cases and other enhancement will have to be done as per use cases since it will take sometime to mature
PwC, I think has built its SOC platform and have done lots of enhancements but underlying platform is DNIF.
Can be used for SOC but it is not matured as splunk or may be log rhythm
Hope this helps

The below response is based on CISO Platform closed group discussion:

(private CISO member):

Using for SOC since a few months. Good.

Have seen it working well for Mid Size enterprises in particular. The Pros are 

1> Make in India Product 2> Offered by various providers like Tata Communications, PwC etc.; 3>  Option to store and process logs in ELK as well as Lucin mode. They recommend Lucin mode, due to various search and process algorithms built 4> Cost wise much better than QRadar, Splunk etc.; 5> UEBA basic functionality, NBA basic functionality and standard use cases are free with Product ( may be , we have to negotiate)

Cons are:

1> Maturing product still 2> Dashboards have to be customised a lot 3> AI/ML models are preliminary in nature 4> Advanced features like VA integration, Threat score integration, Analytic models are not available 

Overall, good to go. Hope this helps.

RSS

© 2019   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service