The move from “log correlation” to “behavioral risk” requires a paradigm shift.
The first generation of cybersecurity solutions leveraged the power of “logs”. This was based on the credence that ad-hoc events once captured and preserved may be correlated in the future to provide historical evidence. Logs are valuable for technical support, troubleshooting and audits. The log centric model was designed to fulfill compliance requirements and verify security controls implemented for access management.