SIEM is Security Systems’ “BIG BOSS”

July 13, 2016 | Views: 4473


SIEM is like the choirmaster of all your security devices. On their own, the other systems only provide the following:

  • An intrusion detection system (IDS) only understands protocols, packets and IP addresses.
  • Asset management systems check apps, owners and business processes.
  • Service logs show configuration changes, logins and service activities.
  • Endpoint security takes care of hosts, usernames and files.

But the catch is that none of these security systems, on its own, can make you aware of what’s happening to your business in terms of bull’s-eye security and continuity of the business process. Once all of them come together, the “Rock & Roll” happens.

This is what SIEM does. It sits on top of all your security devices as a management layer, then connects, correlates and unifies their event data on one single platform, producing a logical understanding that can be analyzed and cross-referenced. The bottom line is: “The more data you put in your SIEM tool, the more powerful it becomes.”
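The correlation step described above, sketched as an added example (not code from the original post or from any SIEM product): one IDS alert is joined with endpoint, asset-management and service-log context so it reads as a business-level incident. All records, field names and the severity rule are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample records, one collection per source named in the article.
IDS_ALERTS = [
    {"ts": "2016-07-13T10:02:11", "src_ip": "203.0.113.50", "dst_ip": "10.0.0.5",
     "proto": "tcp/22", "signature": "SSH brute force"},
    {"ts": "2016-07-13T11:30:00", "src_ip": "198.51.100.7", "dst_ip": "10.0.0.9",
     "proto": "tcp/80", "signature": "Port scan"},
]
ENDPOINTS = {"10.0.0.5": "payroll-db01", "10.0.0.9": "kiosk-07"}  # IP -> host
ASSETS = {  # host -> application, owner, business process
    "payroll-db01": {"app": "Payroll", "owner": "finance-ops", "process": "Monthly salary run"},
    "kiosk-07": {"app": "Lobby display", "owner": "facilities", "process": "Visitor info"},
}
SERVICE_LOGS = [
    {"ts": "2016-07-13T10:01:40", "host": "payroll-db01", "event": "login_failed", "user": "root"},
    {"ts": "2016-07-13T10:04:02", "host": "payroll-db01", "event": "login_success", "user": "root"},
    {"ts": "2016-07-13T10:05:30", "host": "payroll-db01", "event": "config_change", "user": "root"},
    {"ts": "2016-07-13T15:00:00", "host": "kiosk-07", "event": "login_success", "user": "kiosk"},
]

def correlate(alerts, endpoints, assets, service_logs, window_minutes=10):
    """Join each IDS alert with host, asset and nearby service-log context."""
    window = timedelta(minutes=window_minutes)
    incidents = []
    for alert in alerts:
        t = datetime.fromisoformat(alert["ts"])
        host = endpoints.get(alert["dst_ip"], "unknown")
        asset = assets.get(host, {})
        # Service-log events on the same host within the time window of the alert.
        events = [e["event"] for e in service_logs
                  if e["host"] == host
                  and abs(datetime.fromisoformat(e["ts"]) - t) <= window]
        # Assumed rule: an alert accompanied by a successful login and a
        # configuration change on the same host outranks a lone alert.
        if "login_success" in events and "config_change" in events:
            severity = "high"
        elif events:
            severity = "medium"
        else:
            severity = "low"
        incidents.append({"signature": alert["signature"], "host": host,
                          "owner": asset.get("owner"), "process": asset.get("process"),
                          "related_events": events, "severity": severity})
    return incidents

if __name__ == "__main__":
    for incident in correlate(IDS_ALERTS, ENDPOINTS, ASSETS, SERVICE_LOGS):
        print(incident)
```

Neither source alone shows that the brute-force alert coincides with a root login and a configuration change on the host behind the payroll process; the join is what surfaces it.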

Having said that, enjoy the music from your choirmaster.

 

Questions? Post them in the comments section below.

20 Comments
  1. We are implementing a SIEM right now, and with the solution we chose they do not seem to understand correlation… It's been very frustrating because during our POC, correlation is what they said they were good at.

  2. Just want to share that I have used Accelops as our SIEM before, and I find it nice to use since the UI is straightforward and you can easily generate reports.

  3. This is nice to read. Thanks
