Until today, no one outside Abstract had heard of AI-Gen Composable SIEM. Now the company is launching a platform that combines different building blocks for AI-native security operations. What exactly does that mean?
We had already heard of ‘next-gen SIEM’. This is a system that replaces traditional rule-based logging with automatic recognition of complex threats. It was designed to cut the noise SecOps personnel have to deal with by reducing the number of false positives. However, according to Abstract CEO and co-founder Colby DeRodeff, this was only the beginning. He believes that a real ‘reset’ is needed, in the form of an ‘AI-Gen Composable SIEM’.
Terminology
Unlike monolithic SIEM systems, Abstract is building a modular solution in which the various SIEM components represent a system of systems. Think of data ingestion, pipelines, storage, detection, AI-based triage, and response. According to Abstract, this division has several advantages.
Firstly, the functionality is distributed, which Abstract claims reduces vendor lock-in compared to legacy SIEM tooling. Data can also be intelligently routed to the desired location, resulting in lower storage costs. Scaling up is also easier because only the necessary components grow as needed, unlike solutions that require an upgrade of the entire system to add extra functionality.
Streaming-first approach
Abstract also focuses on the real-time processing of security data. Detections run in-stream for an immediate threat response. AI is further embedded in workflows for triage, investigation, and response. The system scales elastically across multi-cloud and hybrid environments.
Abstract notes that the volume of security data continues to grow, making the modular solution of an AI-Gen Composable SIEM more attractive. According to the company, the amount of data is growing by 25 to 30 percent annually, driven by AI expansion and multi-cloud complexity. Traditional SIEM platforms are struggling with this growth, says DeRodeff.
Market context
Abstract customers reportedly see a 65 to 75 percent price reduction for SIEM after migrating. They also report faster mean time to detect (MTTD) and mean time to respond (MTTR). At the end of the day, these are the best arguments for switching, in addition to the technical explanation. Ultimately, the name, whether it’s next-gen SIEM or AI-Gen Composable SIEM, is less relevant than its practical benefits.