What do you think? 🤔 🤔
That's a very broad and open question because I'm not really sure what you mean by a multicloud SIEM on GCP. If you want to talk about using Google SecOps (which takes advantage of GCP) and ingesting data from multiple clouds, you could reference the default parser library that is already available, as well as build your own parsers, and then leverage the different mechanisms to ingest data, including ingestion APIs and data feeds.
You could also look at leveraging SCC, which also provides additional capabilities that assist in securing the GCP cloud environment and, I believe, is doing more with other major clouds as well to assist with that.
I suppose you could also leverage tools like BigQuery and build your own solution on top of GCP.
We do have customers who are using Google SecOps to monitor GCP as well as AWS and Azure solutions in addition to their on-prem. Like everything else, there are others who are doing portions of this and others looking at migrations of these things, but they all take time and planning to implement.