Interactive Courses + DFIR NetWars Available During SANS Cyber Security Central in June. Save $300 thru 5/12.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

An Evaluator's Guide to Next-Generation SIEM

  • Thursday, December 06, 2018 at 1:00 PM EST (2018-12-06 18:00:00 UTC)
  • Barbara Filkins, Christopher Crowley, Sara Kingsley


  • LogRhythm

You can now attend the webcast using your mobile device!



Struggling with blind spots? Inundated with false negative alarms? You're not alone. When security information and event management (SIEM) systems debuted more than 10 years ago, they served a key purpose: coordinating the myriad alerts generated by intrusion prevention and detection tools. But many SIEMs failed to deliver upon their promise of protecting organizations. Threats successfully evaded the preventive technologies and generated more false negative alarms than teams could handle.

To address these challenges, SIEM evolved. Next-generation SIEMs deliver more than just security event management and alarmingthey provide security teams with actionable insights with advanced analytics, data forensics, and incident response and automation capabilities. But how do you know which next-generation SIEM is the best fit for your organization's needs? 

In this webcast, you will learn:

  • What makes a SIEM "next-generation"
  • How to evaluate a next-generation SIEM
  • The requirements that should guide your next-generation SIEM POC

Register today to be among the first to receive the associated buyer's guide whitepaper written by SANS Analyst and procurement expert Barbara Filkins with advice from SANS Analyst and SOC expert Chris Crowley.

View the associate buyer's guide whitepaper here.

Speaker Bios

Barbara Filkins

Barbara Filkins, SANS Analyst Program Research Director, holds several SANS certifications, including the GSEC, GCIH, GCPM, GLEG and GICSP, the CISSP, and an MS in information security management from the SANS Technology Institute. She has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Barbara focuses on issues related to automation—privacy, identity theft and exposure to fraud, plus the legal aspects of enforcing information security in today’s mobile and cloud environments, particularly in the health and human services industry, with clients ranging from federal agencies to municipalities and commercial businesses.

Christopher Crowley

Christopher Crowley, a senior SANS instructor and course author for SANS courses in Managing Security Operations and MGT535 Incident Response Team Management, holds multiple certifications. He received the SANS 2009 Local Mentor of the Year award for excellence in providing mentor classes to his local community. Chris is a consultant based in Washington, D.C., who has more than 15 years of experience in managing and securing networks. His areas of expertise include network and mobile penetration testing, mobile device deployments, security operations, incident response and forensic analysis.

Sara Kingsley

Sara Kingsley is a senior product marketing manager at LogRhythm focused on the overall next-generation SIEM platform, security analytics and our customer success services. She possesses extensive experience in product marketing from small startups to large global organizations and believes chatting with customers to be the most fulfilling part of her workday. Sara received a master's degree from Georgia Tech and, prior to LogRhythm, worked as a Department of Defense contractor creating business continuity plans for network operations.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.