Simon Phillips discusses the importance of data, including data at the edge for effective incident prevention and investigation. Security is driven by data, it’s the heart of your IT systems. The more data you have access to, the more insights your SOC analysts have to help them quickly determine where to start their investigations. 

As an industry veteran, Simon recalls the pain points around using index-based databases and having to predetermine what data you might or might not need due to storage and search constraints. Being able to search and correlate data across different departments and sources is critical for security operations.