Essential Guide

How to define SIEM strategy, management and success in the enterprise

Learn how to develop or refresh your enterprise SIEM strategy

Introduction

Security information and event management technology has traveled a long and winding road, but today enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Yet many enterprises haven't implemented a modern SIEM product, and others that have aren't taking full advantage of the advanced capabilities of contemporary products. In this Essential Guide, learn to develop or refresh your enterprise SIEM strategy to set the stage for SIEM success today and tomorrow according to how you best define SIEM for your business.

1. Strategy

Demystifying SIEM: Making the business case

Define SIEM products and capabilities that will enhance your enterprise, then make the business case to invest in SIEM

Tip

SIEM technology primer: SIEM platforms have improved significantly

After a rocky start with early SIEM technologies, current offerings are easier to use and provide more reliable automated responses.

Magazine

Unlocking the opportunity of SIEM technology

Learn about SIEM technology and how to unlock the opportunity for it to be a powerful technique in the fight against cybercrime.

News

Security information management systems aspire to real time security

Today's security information management systems (SIM) are excellent forensics tools, but they haven't yet achieved status as effective real-time security tools.

Tip

Five tips to improve a threat and vulnerability management program

Use these five simple tips from expert Diana Kelley to improve your enterprise's threat and vulnerability management program.

Answer

Is centralized logging worth all the effort?

Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure.

2. Operations

SIEM operational best practices

Explore SIEM's role in rapid attack detection. Learn how to succeed with SIEM intrusion monitoring.

Tip

SIEM best practices for advanced attack detection

SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and describes the SIEM tuning process step by step.

Tip

Why focus on SIEM integration, coverage maximizes anomaly detection

Reliable anomaly detection using a SIEM hinges on collecting a wide range of security events. Andrew Hutchison covers SIEM integration best practices.

Tip

Exploring SIM architecture options for virtual data center security

Learn some of the options enterprises must consider regarding SIM architecture and virtual data center security.

Answer

Should IDS and SIM/SEM/SIEM be used for network intrusion monitoring?

Is it enough just to monitor log data, or does that data need to be fed into a SIM/SEM/SIEM product in order to ease the data analysis process? Network security expert Mike Chapple weighs in.

Tip

Securing the SIEM system: Control access, prioritize availability

The prospect of a SIEM system crash should scare any enterprise. Guard against a compromised SIEM system to protect the security nerve center.

3. The future

SIEM 2.0: Emerging security data strategies

Prepare for what's next for SIEM and related technologies; assess the growing importance of big data for security analysis.

News

SIEM vendors make the case for extending SIEM product capabilities

Advanced features reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.

News

Some CISOs consider ripping out or augmenting outdated SIEM systems

Outdated SIEM systems are difficult to deploy and costly to maintain, according to one expert. Today, CISOs are considering highly integrated, lightweight systems with more automation.

News

Big data 2.0: CISOs push need to identify attack campaigns

CISOs at RSA Conference 2013 say identifying attack campaigns means taking security big data to the next level. The hard part? Finding data analysts.

Magazine

Big data security analytics: Harnessing new tools for better security

New techniques are emerging to help organizations analyze security data and improve security defenses.

Magazine

A framework for big data security

Organizations are entranced with big data but need to acknowledge the security risks and plan accordingly.