OMB M-26-14: From Data Hoarding to Active Defense
🔐 The OMB Memo M-26-14 ends compliance-driven data hoarding and mandates a risk-based, machine-speed logging approach. It requires six months of logs to be hot and searchable and one year retrievable, expands visibility to IoT/OT, and emphasizes continuous event monitoring and AI-driven detection. Legacy SIEMs struggle to meet these goals; Palo Alto Networks positions Cortex XSIAM as a FedRAMP-certified solution built for index-free, AI-enabled, cross-domain threat hunting.
