on demand

Buy vs Build: GitLab’s SIEM-journey in a Cloud-Native World

The rise of large cloud providers and horizontally scalable infrastructure has made building software for production workloads more approachable than ever. Combined with traditionally slow vendor innovation cycles and outdated business models, this has left many teams feeling pressure to build software in-house to replace or augment their legacy SIEM.

However, even with access to cheap storage, scalable infrastructure, and in-house engineering resources, the cost and business risk associated with building and maintaining a mission-critical security platform are high. In addition, given that the average time to discover a breach is 280 days, security teams don't just need to capture their organization's data; they need to retain it for long periods of time in a format that enables reliably fast searching in the event of a breach. In these situations, system design, flexibility, and cost-effectiveness at scale are paramount.

GitLab Director of Security Operations, Jan Urbanc, and Panther Labs Director of Engineering, Joren McReynolds, discuss how you can:

  • Evaluate the total cost of ownership, opportunity cost, and time-to-value associated with SIEM Buy vs Build
  • Build modern detection and response pipelines with best-of-breed tooling, well-understood programming interfaces, and open data ecosystems
  • Position your security team for success in the era of big data and everything-as-a-service


Jan Urbanc

Director of Security Operations @ GitLab

Joren McReynolds

Director of Engineering @ Panther Labs
