{"id":9865,"date":"2017-05-22T09:17:00","date_gmt":"2017-05-22T15:17:00","guid":{"rendered":"https:\/\/swimlane.com\/resource\/too-many-siem-alerts-use-sao\/"},"modified":"2026-03-31T04:15:45","modified_gmt":"2026-03-31T10:15:45","slug":"siem%e3%82%a2%e3%83%a9%e3%83%bc%e3%83%88%e3%81%8c%e5%a4%9a%e3%81%99%e3%81%8e%e3%82%8b%e3%81%9f%e3%82%81sao%e3%82%92%e4%bd%bf%e7%94%a8","status":"publish","type":"sw_resource","link":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/","title":{"rendered":"SIEM \u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u3066\u30b9\u30bf\u30c3\u30d5\u304c\u56f0\u60d1\u3057\u3066\u3044\u307e\u305b\u3093\u304b? SAO \u3092\u3054\u5229\u7528\u304f\u3060\u3055\u3044\u3002."},"content":{"rendered":"\n\n\n<section class=\"bs-section bs-section-50ac0cc438dbf2f3b380783c05a3c736bb0670e7 bs-section---default bs-section--blog-inner-banner  \"><style>.bs-section.bs-section-50ac0cc438dbf2f3b380783c05a3c736bb0670e7{ background-color: #000743;} <\/style><div class=\"container\">\n<div class=\"bs-row row  flex-md-row-reverse bs-row---default\">\n<div class=\" bs-column col-sm-12 col-md-12 col-lg-6   bs-column-6770b3369b6c61539d3140cb52ed6bc5ec393625 bs-column---default bs-column--right d-flex flex-column justify-content-end    \"><figure class=\"wp-block-post-featured-image\"><img decoding=\"async\" src=\"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Overwhelmed SOC analyst frustrated by high alert volume and manual security operations\" style=\"object-fit:cover;\" srcset=\"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png 1120w, https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts-300x186.png 300w, https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts-1024x636.png 1024w, https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts-768x477.png 768w\" 
sizes=\"(max-width: 1120px) 100vw, 1120px\" \/><\/figure><\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-md-12 col-lg-6   bs-column-2ba18c9b6304620af4785b54fe900bf0ce0fc4d5 bs-column---default d-flex flex-column    \"><div class=\"wp-block-post-date\"><time datetime=\"2017-05-22T09:17:00-06:00\">5\u6708 22, 2017<\/time><\/div>\n\n<h1 class=\"wp-block-post-title has-text-color has-white-color\">Are too many SIEM alerts overwhelming your staff? Use SAO.<\/h1>\n\n\n<div class=\"bs-div bs-div-44a15e4b99450b7aaf810333a0fbaa4ff5112133 bs-div---default\"><div class=\"bs-div__inner d-flex flex-wrap align-items-center    \">\n<a class=\"bs-post__author has-text-align-center\" href=\"https:\/\/swimlane.com\/ja\/author\/Katie_Bykowski\/\">\n\t<div class=\"profile-desc\">\n\t\t<figure>\n\t\t\t<img decoding=\"async\" src=\"https:\/\/swimlane.com\/wp-content\/uploads\/author_Katie_Bykowski.jpg\" alt=\"user-avatar\">\n\t\t<\/figure>\n\t\t<span class=\"prefix\"><\/span>\n\t\t<span class=\"name\">\n\t\t\tKatie Bykowski\t\t<\/span>\n\t<\/div>\n<\/a>\n\n\n\n<div class=\"reading-time\">\n    <span class=\"reading-time__time\">3 <\/span> Minute Read\n<\/div><\/div><\/div>\n<\/div>\n<\/div>\n<\/div><\/section>\n\n\n\n\n\n\n\n\n\n<section class=\"bs-section bs-section-205a03f93391472c82564395e3b5684e68c8ef7d bs-section---default bs-section--blog-inner-main-contents  \"><div class=\"container\">\n<div class=\"bs-row row justify-content-between  bs-row---default\">\n<div class=\" bs-column col-sm-12 col-md-1   bs-column-fa02c15a19a9c2952663733986e45d4eef708638 bs-column---default     \"><div class=\"heateor_sss_sharing_container heateor_sss_horizontal_sharing\" data-heateor-ss-offset=\"0\" data-heateor-sss-href='https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/'><div class=\"heateor_sss_sharing_ul\"><a aria-label=\"Email\" class=\"heateor_sss_email\" href=\"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/\" 
onclick=\"event.preventDefault();window.open('mailto:?subject=' + decodeURIComponent('Are%20too%20many%20SIEM%20alerts%20overwhelming%20your%20staff%3F%20Use%20SAO.').replace('&', '%26') + '&body=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Ftoo-many-siem-alerts-use-sao%2F', '_blank')\" title=\"Email\" rel=\"noopener\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg\" style=\"background-color:#649a3f;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"-.75 -.5 36 36\"><path d=\"M 5.5 11 h 23 v 1 l -11 6 l -11 -6 v -1 m 0 2 l 11 6 l 11 -6 v 11 h -22 v -11\" stroke-width=\"1\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><a aria-label=\"Twitter\" class=\"heateor_sss_button_twitter\" href=\"https:\/\/twitter.com\/intent\/tweet?text=Are%20too%20many%20SIEM%20alerts%20overwhelming%20your%20staff%3F%20Use%20SAO.&url=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Ftoo-many-siem-alerts-use-sao%2F\" title=\"Twitter\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg heateor_sss_s__default heateor_sss_s_twitter\" style=\"background-color:#55acee;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" 
aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"-4 -4 39 39\"><path d=\"M28 8.557a9.913 9.913 0 0 1-2.828.775 4.93 4.93 0 0 0 2.166-2.725 9.738 9.738 0 0 1-3.13 1.194 4.92 4.92 0 0 0-3.593-1.55 4.924 4.924 0 0 0-4.794 6.049c-4.09-.21-7.72-2.17-10.15-5.15a4.942 4.942 0 0 0-.665 2.477c0 1.71.87 3.214 2.19 4.1a4.968 4.968 0 0 1-2.23-.616v.06c0 2.39 1.7 4.38 3.952 4.83-.414.115-.85.174-1.297.174-.318 0-.626-.03-.928-.086a4.935 4.935 0 0 0 4.6 3.42 9.893 9.893 0 0 1-6.114 2.107c-.398 0-.79-.023-1.175-.068a13.953 13.953 0 0 0 7.55 2.213c9.056 0 14.01-7.507 14.01-14.013 0-.213-.005-.426-.015-.637.96-.695 1.795-1.56 2.455-2.55z\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><a aria-label=\"Facebook\" class=\"heateor_sss_facebook\" href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Ftoo-many-siem-alerts-use-sao%2F\" title=\"Facebook\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg\" style=\"background-color:#0765FE;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"0 0 32 32\"><path fill=\"#fff\" d=\"M28 16c0-6.627-5.373-12-12-12S4 9.373 4 16c0 5.628 3.875 10.35 9.101 11.647v-7.98h-2.474V16H13.1v-1.58c0-4.085 1.849-5.978 5.859-5.978.76 0 2.072.15 2.608.298v3.325c-.283-.03-.775-.045-1.386-.045-1.967 0-2.728.745-2.728 2.683V16h3.92l-.673 3.667h-3.247v8.245C23.395 27.195 28 22.135 28 16Z\"><\/path><\/svg><\/span><\/a><a aria-label=\"Linkedin\" 
class=\"heateor_sss_button_linkedin\" href=\"https:\/\/www.linkedin.com\/sharing\/share-offsite\/?url=https%3A%2F%2Fswimlane.com%2Fja%2Fblog%2Ftoo-many-siem-alerts-use-sao%2F\" title=\"Linkedin\" rel=\"nofollow noopener\" target=\"_blank\" style=\"font-size:32px!important;box-shadow:none;display:inline-block;vertical-align:middle\"><span class=\"heateor_sss_svg heateor_sss_s__default heateor_sss_s_linkedin\" style=\"background-color:#0077b5;width:35px;height:35px;border-radius:999px;display:inline-block;opacity:1;float:left;font-size:32px;box-shadow:none;display:inline-block;font-size:16px;padding:0 4px;vertical-align:middle;background-repeat:repeat;overflow:hidden;padding:0;cursor:pointer;box-sizing:content-box\"><svg style=\"display:block;border-radius:999px;\" focusable=\"false\" aria-hidden=\"true\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"100%\" height=\"100%\" viewBox=\"0 0 32 32\"><path d=\"M6.227 12.61h4.19v13.48h-4.19V12.61zm2.095-6.7a2.43 2.43 0 0 1 0 4.86c-1.344 0-2.428-1.09-2.428-2.43s1.084-2.43 2.428-2.43m4.72 6.7h4.02v1.84h.058c.56-1.058 1.927-2.176 3.965-2.176 4.238 0 5.02 2.792 5.02 6.42v7.395h-4.183v-6.56c0-1.564-.03-3.574-2.178-3.574-2.18 0-2.514 1.7-2.514 3.46v6.668h-4.187V12.61z\" fill=\"#fff\"><\/path><\/svg><\/span><\/a><\/div><div class=\"heateorSssClear\"><\/div><\/div>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-lg-8 col-md-11   bs-column-0d83d6d9863f92131cc95492d42e5b50c72f00bb bs-column---default bs-column--contents     \">\n<h2 class=\"wp-block-heading\" id=\"h-siem-platforms\"><strong>SIEM platforms <\/strong><\/h2>\n\n\n\n<p><strong>SIEM platforms are a great way to protect your organization from cyberattacks. They promise to monitor and alert your SecOps team of internal and external threats so they can stay ahead of cybercriminals and avoid costly breaches.<\/strong><\/p>\n\n\n\n<p>The problem is that many organizations aren\u2019t getting as much value from their SIEM solution as they\u2019d like. 
<strong>SecOps teams are bombarded with <a href=\"https:\/\/swimlane.com\/blog\/too-many-siem-alerts-use-sao\/\">too many security alerts<\/a><\/strong> \u2014 a large majority of which are being generated by SIEM systems. Cybersecurity teams receiving 10,000 to 150,000 alerts per day are simply overwhelmed. <strong>It\u2019s impossible to manually investigate every alert being generated<\/strong>. Therefore, your organization is left vulnerable as you try to pick and choose which alerts you\u2019ll investigate based on what you hope are accurate severity codes.<\/p>\n\n\n\n<p>You\u2019ve invested heavily in SIEM; now what?<\/p>\n\n\n\n<p>Many organizations have invested heavily in their SIEM solution over the past five years, but are <em>still <\/em>not getting the full value from the system.<\/p>\n\n\n\n<p>The overwhelming number of false SIEM alerts means that <strong>many alerts aren\u2019t investigated promptly, if at all<\/strong>. In fact, up to 70% of alerts are ignored due to lack of skilled staffing resources. This is problematic. 
<strong>Every alert ignored <em>could<\/em> lead to a breach.<\/strong><\/p>\n\n\n\n<p><strong>What organizations need<\/strong><\/p>\n\n\n\n<p>Organizations need to be able to quickly and easily <strong>investigate all of their SIEM alerts<\/strong> and maintain a <strong>clear understanding of the state of security within their organization.<\/strong><\/p>\n\n\n\n<p>Security operations teams need:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>More context surrounding alerts<\/li>\n\n\n\n<li>Smarter SIEM alert logic<\/li>\n\n\n\n<li>Better alert prioritization<\/li>\n\n\n\n<li><a href=\"https:\/\/swimlane.com\/solutions\/security-automation-and-orchestration\/automated-incident-response\/\">Incident response automation<\/a><\/li>\n\n\n\n<li>Centralized security information<\/li>\n<\/ul>\n\n\n\n<p>The answer lies in <a href=\"https:\/\/swimlane.com\/solutions\/security-automation-and-orchestration\/\">security orchestration, automation and response (SOAR)<\/a><strong>.<\/strong><\/p>\n\n\n\n<p><strong>Improve security operations efficiency<\/strong><\/p>\n\n\n\n<p>Swimlane\u2019s security automation and orchestration (SAO) solution works in conjunction with your existing SIEM and other IT security systems like IDS and EDR to improve SIEM alert logic &#8212; without the need for custom coding or connectors. SAO helps increase productivity by centralizing security intel, automating incident response, and measuring key performance indicators (KPIs) to better understand how your SecOps resources are performing.<\/p>\n\n\n\n<p><strong>Customizable dashboards<\/strong><\/p>\n\n\n\n<p>Swimlane\u2019s API-first architecture allows you to integrate <em>all <\/em>of your security systems to feed into one central platform. Whether you use Swimlane\u2019s dashboard or feed information into your own systems, your SecOps team benefits from a clear and comprehensive view of how cybersecurity is functioning. 
This centralized threat intel provides your team with more context surrounding alerts, which helps them to prioritize threat investigations accordingly.<\/p>\n\n\n\n<p><strong>Incident response automation<\/strong><\/p>\n\n\n\n<p>Swimlane also enables security teams to automate manual and time-consuming tasks within their current incident response processes. Every automated step saves time, making it possible to address more alerts in the same amount of time without needing to scale your team.<\/p>\n\n\n\n<p><strong>Documented processes<\/strong><\/p>\n\n\n\n<p>SAO allows incident response processes to be clearly documented before being automated. By recording this information, processes are consistent and provide employees with the standardized workflows they need to handle alerts appropriately. What\u2019s more, tribal knowledge isn\u2019t lost when employees leave.<\/p>\n\n\n\n<p><strong>How Swimlane can help<\/strong><\/p>\n\n\n\n<p>Swimlane enables:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Optimized threat response<\/strong> \u2013 prioritize alerts and standardize workflows<\/li>\n\n\n\n<li><strong>Real-time oversight<\/strong> \u2013 generate reports and use threat response KPIs to understand current capabilities and determine future security needs<\/li>\n\n\n\n<li><strong>Improved staff utilization <\/strong>\u2013 better utilize staff expertise and reduce turnover<\/li>\n\n\n\n<li><strong>Reduced mean time to resolution <\/strong>\u2013 respond to more alerts in the same amount of time<\/li>\n\n\n\n<li><strong>Contextual incident response <\/strong>\u2013 leverage streamlined SIEM alert logic to analyze and resolve security alerts faster<\/li>\n<\/ul>\n\n\n\n<p>Swimlane provides your SecOps team the SAO capabilities they need to improve security operations efficiency, while reducing risk and increasing threat protection.<\/p>\n\n\n\n<p>Ready to respond to <em>all<\/em> of your SIEM alerts with better SIEM alert logic? 
Contact us to learn more about how SAO can help and <a href=\"https:\/\/swimlane.com\/demo\/\">schedule a demo to see Swimlane<\/a>.<\/p>\n\n\n\n<p>Download our <a href=\"https:\/\/swimlane.com\/automating-incident-response-ebook\/\">Automating Incident Response eBook<\/a> for more information on how SAO can improve your security operations.<\/p>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-12  col-md-12 col-lg-3   bs-column-0ad64702520e52820989c3b8a4a5574abd826112 bs-column---default     \">\n<div class=\"bs-div bs-div-f0851be86a4542da358c10ec17ccebffa17efe07 bs-div---default bs-div--tags\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\" id=\"h-tags\">Tags<\/h2>\n\n\n<div class=\"post-tag-wrapper\">\n    <p><a href='https:\/\/swimlane.com\/ja\/tag\/soar\/'><span class='tag-content'>SOAR<\/span><\/a><\/p><\/div>\n<\/div><\/div>\n\n\n\n<div class=\"bs-div bs-div-5e7267355d8caf36f5b5e0c86eef387b664b848d bs-div---default bs-div--related-posts\"><div class=\"bs-div__inner     \">\n<h2 class=\"wp-block-heading\" id=\"h-related-posts\">Related Posts<\/h2>\n\n\n\n<div class=\"bs-related-posts bs-related-posts-block---default\"><div class=\"bs-related-posts__container\"><div class=\"bs-related-posts__items\">\n<div class=\" bs-column col-sm-4   bs-column-b619eb984092e720779a969a873521d2ec1a85a5 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-6a0fbf3e64556 bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/security-operations-efficiency\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>4\u6708 6, 2017<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>Security operations efficiency: Do more with your existing staff<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read 
More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n\n\n\n<div class=\" bs-column col-sm-4   bs-column-b619eb984092e720779a969a873521d2ec1a85a5 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-6a0fbf3e6561c bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/rsa-netwitness-alerts\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>10\u6708 18, 2017<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>RSA NetWitness alerts managed with security automation and orchestration (SAO)<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n\n\n\n<div class=\" bs-column col-sm-4   bs-column-b619eb984092e720779a969a873521d2ec1a85a5 bs-column---default     \">\t\t\t\t\t<div class=\"bs-post bs-post-6a0fbf3e66d28 bs-single-post---default enable\" >\n\t\t\t<a class=\"bs-post__trigger\" href='https:\/\/swimlane.com\/ja\/blog\/nist-incident-response\/' target='_self'>\t\t\t<div class=\"bs-post__inner\">\n\t\t\t\t<div class=\"bs-post__details\">    <div class=\"bs-post__date\">\n        <span>1\u6708 31, 2018<\/span>\n    <\/div>\n    <div class=\"bs-post__title\">\n        <h5>Improving incident response with the NIST Cybersecurity Framework and security automation and orchestration (SAO)<\/h5>\n    <\/div>\n<div class=\"bs-post__learn-more\">\n    <span class='btn learn-more-text bs-post__learn-more-text'>Read More<\/span><\/div>\n<\/div>\t\t\t<\/div>\n\t\t\t<\/a>\t\t<\/div>\n\t<\/div>\n<\/div><\/div><\/div>\n<\/div><\/div>\n\n\n<\/div>\n<\/div>\n<\/div><\/section>\n\n\n\n<section class=\"bs-section bs-section-2a4a600ae9ab197b6a4ccafe05152bf1a2fde1d1 bs-section---default bs-section--newsletter bs-section--common-marketo-form 
bs-section--common-marketo-form-two-columns  \"><style>.bs-section.bs-section-2a4a600ae9ab197b6a4ccafe05152bf1a2fde1d1{ background-color: #000743;} <\/style><div class=\"container-fluid\">\n<div class=\"bs-row row   bs-row---default\">\n<div class=\" bs-column col-sm-0 col-md-0 col-lg-6   bs-column-df5e10bef85c15055718b4d93887855962017939 bs-column---default     \">\n<h2 class=\"wp-block-heading has-white-color has-text-color\" id=\"requestor\">Request a Live Demo<\/h2>\n<\/div>\n\n\n\n<div class=\" bs-column col-sm-0 col-md-0 col-lg-6   bs-column-df5e10bef85c15055718b4d93887855962017939 bs-column---default     \"><div class='media-elements bs-media-element---default enable'>    <div class='bs-common-image'>\n                            <figure class='figure justify-content-start d-flex'>\n                            <picture>\n                            \n                            <img src='https:\/\/swimlane.com\/wp-content\/uploads\/liitp.svg' class='img-fluid'   alt='' title=''  \/>\n                            <\/picture>\n                                \n                            <\/figure>\n                        <\/div><\/div>\n\n<script src=\"\/\/pages.swimlane.com\/js\/forms2\/js\/forms2.min.js\"><\/script>\n<form id=\"mktoForm_1017\"><\/form>\n<script>\n    var embeddedFormId = '05a6905d0187a23e165b2fd995e965fe15cb94f6';\n    var marketoBaseUrl = '\/\/pages.swimlane.com';\n    var munchkinId = '978-QCM-390';\n    var formId = '1017';\n    var responseType = 'redirect';\n    var responseMessage = 'Thank you!';\n    var redirectURL = '';\n    var downloadFileURL = '';\n    var linkOpenType = '_self';\n    var popupVideo = 'url';\n    var popupVideoURL = '';\n    var popupVideoUploadURL = '';\n    MktoForms2.loadForm(marketoBaseUrl, munchkinId, formId, function(form) {\n        form.onSuccess(function(values, followUpUrl) {\n            document.getElementById(\"int_mktoForm_\" + formId).innerHTML = responseMessage;\n                    });\n    
});\n<\/script>\n<div class=\"form-submit-note\" id=\"int_mktoForm_1017\"><\/div>\n<!-- Incluing form response options -->\n\n\n\n<script>\n    (function() {\n        \/\/ Please include the email domains you would like to block in this list\n        var invalidDomains = [\"@gmail.\", \"@yahoo.\", \"@hotmail.\", \"@live.\", \"@icloud.\",\"@aol.\", \"@outlook.\", \"@proton.\", \"@mailinator.\"];\n\n\n        MktoForms2.whenReady(function(form) {\n            form.onValidate(function() {\n                var email = form.vals().Email;\n                if (email) {\n                    if (!isEmailGood(email)) {\n                        form.submitable(false);\n                        var emailElem = form.getFormElem().find(\"#Email\");\n                        form.showErrorMessage(\"Must be Business email.\", emailElem);\n                    } else {\n                        form.submitable(true);\n                    }\n                }\n            });\n        });\n\n        function isEmailGood(email) {\n            for (var i = 0; i < invalidDomains.length; i++) {\n                var domain = invalidDomains[i];\n                if (email.indexOf(domain) != -1) {\n                    return false;\n                }\n            }\n            return true;\n        }\n\n\n    })(); 
\n<\/script>\n<\/div>\n<\/div>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":5,"featured_media":9866,"template":"","meta":{"_acf_changed":false,"show_custom_date":false,"custom_date":"","featured":false,"featured_image":0,"learn_more_label":"","image_alt_text":"","learn_more_type":"","learn_more_link":[],"show_popup":false,"disable_iframe":false,"enable_lazy_loading":false,"learn_more_link_file":0,"event_date":false,"event_start_date":"","event_end_date":"","featured_page_list":[],"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","inline_featured_image":false,"footnotes":""},"tags":[89],"resource-type":[67],"resource-topic":[],"resource-industry":[],"blog-category":[],"class_list":["post-9865","sw_resource","type-sw_resource","status-publish","has-post-thumbnail","hentry","tag-soar","resource-type-blogs"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.5 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Are too many SIEM alerts overwhelming your staff? Use SAO.<\/title>\n<meta name=\"description\" content=\"SIEMs are a great way to protect your organization\u2026 until your SecOps team gets overwhelmed with SIEM alerts. 
Get control of SIEM alerts with Swimlane SAO.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/siem\u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u308b\u305f\u3081sao\u3092\u4f7f\u7528\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Are too many SIEM alerts overwhelming your staff? Use SAO.\" \/>\n<meta property=\"og:description\" content=\"SIEMs are a great way to protect your organization\u2026 until your SecOps team gets overwhelmed with SIEM alerts. Get control of SIEM alerts with Swimlane SAO.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/siem\u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u308b\u305f\u3081sao\u3092\u4f7f\u7528\/\" \/>\n<meta property=\"og:site_name\" content=\"AI Security Automation\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-31T10:15:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1120\" \/>\n\t<meta property=\"og:image:height\" content=\"696\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@swimlane\" \/>\n<meta name=\"twitter:label1\" content=\"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593\" \/>\n\t<meta name=\"twitter:data1\" content=\"4\u5206\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SIEM \u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u3066\u30b9\u30bf\u30c3\u30d5\u304c\u56f0\u60d1\u3057\u3066\u3044\u307e\u305b\u3093\u304b? 
SAO \u3092\u3054\u5229\u7528\u304f\u3060\u3055\u3044\u3002.","description":"SIEM\u306f\u7d44\u7e54\u3092\u4fdd\u8b77\u3059\u308b\u512a\u308c\u305f\u624b\u6bb5\u3067\u3059\u2026\u305f\u3060\u3057\u3001SecOps\u30c1\u30fc\u30e0\u304cSIEM\u30a2\u30e9\u30fc\u30c8\u306b\u5727\u5012\u3055\u308c\u3066\u3057\u307e\u3046\u3068\u3001\u72b6\u6cc1\u306f\u4e00\u5909\u3057\u307e\u3059\u3002Swimlane SAO\u3092\u4f7f\u3048\u3070\u3001SIEM\u30a2\u30e9\u30fc\u30c8\u3092\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3067\u304d\u307e\u3059\u3002.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/siem\u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u308b\u305f\u3081sao\u3092\u4f7f\u7528\/","og_locale":"ja_JP","og_type":"article","og_title":"Are too many SIEM alerts overwhelming your staff? Use SAO.","og_description":"SIEMs are a great way to protect your organization\u2026 until your SecOps team gets overwhelmed with SIEM alerts. 
Get control of SIEM alerts with Swimlane SAO.","og_url":"https:\/\/swimlane.com\/ja\/\u30d6\u30ed\u30b0\/siem\u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u308b\u305f\u3081sao\u3092\u4f7f\u7528\/","og_site_name":"AI Security Automation","article_modified_time":"2026-03-31T10:15:45+00:00","og_image":[{"width":1120,"height":696,"url":"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_site":"@swimlane","twitter_misc":{"\u63a8\u5b9a\u8aad\u307f\u53d6\u308a\u6642\u9593":"4\u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/","url":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/","name":"SIEM \u30a2\u30e9\u30fc\u30c8\u304c\u591a\u3059\u304e\u3066\u30b9\u30bf\u30c3\u30d5\u304c\u56f0\u60d1\u3057\u3066\u3044\u307e\u305b\u3093\u304b? SAO \u3092\u3054\u5229\u7528\u304f\u3060\u3055\u3044\u3002.","isPartOf":{"@id":"https:\/\/swimlane.com\/ja\/#website"},"primaryImageOfPage":{"@id":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/#primaryimage"},"image":{"@id":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/#primaryimage"},"thumbnailUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png","datePublished":"2017-05-22T15:17:00+00:00","dateModified":"2026-03-31T10:15:45+00:00","description":"SIEM\u306f\u7d44\u7e54\u3092\u4fdd\u8b77\u3059\u308b\u512a\u308c\u305f\u624b\u6bb5\u3067\u3059\u2026\u305f\u3060\u3057\u3001SecOps\u30c1\u30fc\u30e0\u304cSIEM\u30a2\u30e9\u30fc\u30c8\u306b\u5727\u5012\u3055\u308c\u3066\u3057\u307e\u3046\u3068\u3001\u72b6\u6cc1\u306f\u4e00\u5909\u3057\u307e\u3059\u3002Swimlane 
SAO\u3092\u4f7f\u3048\u3070\u3001SIEM\u30a2\u30e9\u30fc\u30c8\u3092\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3067\u304d\u307e\u3059\u3002.","breadcrumb":{"@id":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/#primaryimage","url":"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png","contentUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/05.22.17-Frustrated-by-Alerts.png","width":1120,"height":696,"caption":"Overwhelmed SOC analyst frustrated by high alert volume and manual security operations"},{"@type":"BreadcrumbList","@id":"https:\/\/swimlane.com\/ja\/blog\/too-many-siem-alerts-use-sao\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/swimlane.com\/"},{"@type":"ListItem","position":2,"name":"Are too many SIEM alerts overwhelming your staff? 
Use SAO."}]},{"@type":"WebSite","@id":"https:\/\/swimlane.com\/ja\/#website","url":"https:\/\/swimlane.com\/ja\/","name":"\u30ed\u30fc\u30b3\u30fc\u30c9\u30fb\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\uff06SOAR\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff5c\u30b9\u30a4\u30e0\u30ec\u30fc\u30f3","description":"\u3042\u3089\u3086\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6a5f\u80fd\u3092\u30a8\u30fc\u30b8\u30a7\u30f3\u30c8\u578bAI\u3067\u81ea\u52d5\u5316","publisher":{"@id":"https:\/\/swimlane.com\/ja\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/swimlane.com\/ja\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Organization","@id":"https:\/\/swimlane.com\/ja\/#organization","name":"\u30ed\u30fc\u30b3\u30fc\u30c9\u30fb\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30fb\u30aa\u30fc\u30c8\u30e1\u30fc\u30b7\u30e7\u30f3\uff06SOAR\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\uff5c\u30b9\u30a4\u30e0\u30ec\u30fc\u30f3","url":"https:\/\/swimlane.com\/ja\/","logo":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/swimlane.com\/ja\/#\/schema\/logo\/image\/","url":"https:\/\/swimlane.com\/wp-content\/uploads\/sw-inline-logo-color-white.svg","contentUrl":"https:\/\/swimlane.com\/wp-content\/uploads\/sw-inline-logo-color-white.svg","width":912,"height":190,"caption":"Low-Code Security Automation & SOAR Platform | 
Swimlane"},"image":{"@id":"https:\/\/swimlane.com\/ja\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/swimlane","https:\/\/www.linkedin.com\/company\/swimlane\/"]}]}},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9865","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource"}],"about":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/types\/sw_resource"}],"author":[{"embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/users\/5"}],"version-history":[{"count":1,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9865\/revisions"}],"predecessor-version":[{"id":55419,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/sw_resource\/9865\/revisions\/55419"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/media\/9866"}],"wp:attachment":[{"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/media?parent=9865"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/tags?post=9865"},{"taxonomy":"resource-type","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-type?post=9865"},{"taxonomy":"resource-topic","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-topic?post=9865"},{"taxonomy":"resource-industry","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/resource-industry?post=9865"},{"taxonomy":"blog-category","embeddable":true,"href":"https:\/\/swimlane.com\/ja\/wp-json\/wp\/v2\/blog-category?post=9865"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}