SIEM Technology

SIEM, expanded as Security Information and Event Management, is a tool that helps you derive meaningful results from the raw logs collected from log sources. A SIEM is a combination of processing engines that provides real-time analysis of security breaches and incidents on the integrated devices. Its operations can be categorized as SIM (Security Information Management) and SEM (Security Event Management) processes.

A SIEM is a combined product for log management, correlation of alerts, and reporting. Log management, as mentioned before, helps the organisation keep logs in a centralized location for long periods, which can be helpful in system audits. The correlation engine helps to club incidents of the same category from different devices; its rules need to be created or edited manually for the organisation's infrastructure and as per company policies. Reporting can be useful for audits where we need to provide specific reports for review.

Before planning to add a SIEM device, a data analysis should usually be done in which a complete chart of events is created. This helps you create reports and correlation alerts on the SIEM. After preparing the data analysis report, we usually recommend creating a critical assessment sheet from the business and the CISO that specifically states how critical each device is and the impact of an incident on that device. This helps you segregate incidents and provide severity information.
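The sketch below is an added example, not code from any SIEM product: it clubs events of the same category seen on different devices, as the correlation engine described above does, and takes the alert severity from a criticality sheet. The device names, ratings, events, the grouping by source IP and the five-minute window are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed criticality sheet: device -> rating agreed with business/CISO (3 = most critical)
CRITICALITY = {"fw-edge-01": 2, "vpn-gw-01": 3, "db-payroll-01": 3, "print-srv-01": 1}
SEVERITY = {1: "low", 2: "medium", 3: "high"}

# Constructed, already-normalized events: (timestamp, device, category, source IP)
EVENTS = [
    ("2024-05-01T10:00:05", "fw-edge-01", "auth_failure", "203.0.113.7"),
    ("2024-05-01T10:01:10", "vpn-gw-01", "auth_failure", "203.0.113.7"),
    ("2024-05-01T10:02:30", "db-payroll-01", "auth_failure", "203.0.113.7"),
    ("2024-05-01T10:00:00", "print-srv-01", "auth_failure", "198.51.100.9"),
    ("2024-05-01T10:00:20", "print-srv-01", "auth_failure", "198.51.100.9"),
    ("2024-05-01T09:00:00", "fw-edge-01", "malware_detected", "192.0.2.44"),
    ("2024-05-01T09:30:00", "print-srv-01", "malware_detected", "192.0.2.44"),
    ("2024-05-01T11:00:00", "fw-edge-01", "port_scan", "198.51.100.23"),
    ("2024-05-01T11:03:00", "print-srv-01", "port_scan", "198.51.100.23"),
]

def correlate(events, criticality, window=timedelta(minutes=5), min_devices=2):
    """Alert when one category from one source hits >= min_devices devices within window."""
    groups = defaultdict(list)
    for ts, device, category, src in events:
        groups[(category, src)].append((datetime.fromisoformat(ts), device))
    alerts = []
    for (category, src), hits in groups.items():
        hits.sort()
        best, start = set(), 0
        for end in range(len(hits)):
            # Slide the window start forward until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            devices = {d for _, d in hits[start:end + 1]}
            if len(devices) > len(best):
                best = devices
        if len(best) >= min_devices:
            # Severity follows the most critical device involved; unlisted devices rate 1.
            level = max(criticality.get(d, 1) for d in best)
            alerts.append({"category": category, "source": src,
                           "devices": sorted(best), "severity": SEVERITY[level]})
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS, CRITICALITY):
        print(alert)
```

Repeated failures on a single device and events spread over more than the window produce no alert here, which is the tuning the manual rule editing mentioned above has to get right for each environment.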

When implementing a SIEM, make sure the connected devices are sending the required logs listed in the data analysis chart. Review the average and peak EPS (events per second) rates and the disk usage, which helps you track storage usage. While integrating databases, make sure only security events are being tracked. Create correlation alerts and to the incidents.

SIEM solutions come either as software that can be installed on a server or as a device. The EPS count is the most important feature to check before buying the product.

Major sellers include:

HP ArcSight – www.arc-sight.com
RSA enVision – www.rsa.com
LogLogic – www.loglogic.com
Splunk – www.splunk.com
NitroSecurity – www.nitrosecurity.com

For freeware, please try:

Logzilla – www.logzilla.pro

About author

Arun Wilson is a self-confessed tech and gadget freak. When he isn't busy navigating life, he loves sharing the latest updates on technology, internet security, and new gadgets.