Increasing number of attack vectors, threat detection tools and correlation rules to manage
Highly manual, error-prone process of administering correlation rules and security policies
Range of organization-specific threats and resources making SIEM configuration standards impractical
High rate of IT change complicates the maintenance of log inputs and correlation rules