Monday, July 13, 2015

Splunk Provides Adaptive, Operational Intelligence

A Security Operations Center (SOC) typically monitors internal network data, while Security Incident and Event Management (SIEM) provides a dashboard view with a bit more control over the alerts generated by the applications and systems hardware. Often these are both reactive activities, notifying system admins only when something has already gone wrong. But what if you could anticipate a problem and, based on the data, create new and better rulesets on the fly? In that way Splunk, a big data company that seeks to provide security intelligence, is like a SIEM on steroids.

1 comment:

  1. Very good idea you've shared here, from here I can be a very valuable new experience, splunk training in Hyderabad
