Red Canary has announced new capabilities for Red Canary Security Data Lake, a service that enables IT and security teams to efficiently store, search, and access large volumes of infrequently accessed logs—such as firewall, DNS, and SASE data—without overspending on legacy SIEMs.
Security teams struggle to balance data retention costs with ensuring they have the relevant logs available when needed for threat investigations and response. In fact, new research surveying 300 IT and security professionals, commissioned by Red Canary and conducted by Censuswide in February 2025, found that:
- Just 35% of data stored in legacy SIEMs delivers tangible value for threat detection.
- Only 13% of organizations separate out low value data for cheaper storage in a raw data repository.
- Due to SIEM storage costs, 68% of IT security decision makers discard low value data and have to hope they won’t regret it.
- 84% of IT security decision makers say having a security data lake to store low value logs at reduced costs would maximize the value of their SIEM spend.
- 62% of IT security decision makers say they are fed up with pouring money down the drain storing useless data just to tick a box for compliance.
Red Canary’s new Security Data Lake capabilities help organizations tackle these issues head on. Whether organizations are looking to complement an existing SIEM investment by storing lower-value data more efficiently or need a standalone solution for managing security logs without a SIEM, Red Canary’s Security Data Lake delivers flexibility, cost savings, and seamless access to critical data when it matters most.
What’s new:
Ingest logs from any source
- Retain high-volume, infrequently accessed logs, such as firewall, DNS, and SASE data.
- Store raw, line-delimited data (e.g., JSON strings, Syslog messages) that is writable to an Amazon S3 bucket or Syslog collector.
Demonstrate compliance in highly regulated industries, such as financial services and healthcare
- Store logs indefinitely to meet retention requirements.
- Export logs on demand to compile audit reports when needed.
Ensure data availability for threat investigations
- Use SQL search to run ad-hoc queries during incident investigations.
- Search data by attributes such as hostnames, IPs, URLs, and date/time ranges.
- Perform basic statistical analysis to enhance detection workflows.
Additional resources:
Methodology:
Research based on a survey of 300 IT security decision makers in the U.S. (200) and UK (100) in enterprises with over 1,000 employees. It was commissioned by Red Canary and conducted by Censuswide in February 2025.
Related
This entry was posted on March 4, 2025 at 2:42 pm and is filed under Commentary with tags Red Canary. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Red Canary Expands Its Security Data Lake, Allowing IT and Security Teams to Meet Compliance and Audit Requirements While Significantly Reducing Costs
Red Canary has announced new capabilities for Red Canary Security Data Lake, a service that enables IT and security teams to efficiently store, search, and access large volumes of infrequently accessed logs—such as firewall, DNS, and SASE data—without overspending on legacy SIEMs.
Security teams struggle to balance data retention costs with ensuring they have the relevant logs available when needed for threat investigations and response. In fact, new research surveying 300 IT and security professionals, commissioned by Red Canary and conducted by Censuswide in February 2025, found that:
Red Canary’s new Security Data Lake capabilities help organizations tackle these issues head on. Whether organizations are looking to complement an existing SIEM investment by storing lower-value data more efficiently or need a standalone solution for managing security logs without a SIEM, Red Canary’s Security Data Lake delivers flexibility, cost savings, and seamless access to critical data when it matters most.
What’s new:
Ingest logs from any source
Demonstrate compliance in highly regulated industries, such as financial services and healthcare
Ensure data availability for threat investigations
Additional resources:
Methodology:
Research based on a survey of 300 IT security decision makers in the U.S. (200) and UK (100) in enterprises with over 1,000 employees. It was commissioned by Red Canary and conducted by Censuswide in February 2025.
Share this:
Like this:
Related
This entry was posted on March 4, 2025 at 2:42 pm and is filed under Commentary with tags Red Canary. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.