Home
Topics
Enterprise Network Security
Network Intrusion Detection and Analysis
Security Event Management
How to define SIEM strategy, management and success in the enterprise

Essential Guide

This Essential Guide is a collection of articles, videos and other content selected by our editors to give you a comprehensive view of this topic.

How to define SIEM strategy, management and success in the enterprise

Learn how to develop or refresh your enterprise SIEM strategy

Guide Contents

- 1. - Demystifying SIEM: Making the business case
- 2. - SIEM operational best practices
- 3. - SIEM 2.0: Emerging security data strategies

Security information and event management technology has traveled a long and winding road, but today enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Yet many enterprises haven't implemented a modern SIEM product, and others that have aren't taking full advantage of the advanced capabilities of contemporary products. In this Essential Guide, learn to develop or refresh your enterprise SIEM strategy to set the stage for SIEM success today and tomorrow according to how you best define SIEM for your business.

Strategy

1. Demystifying SIEM: Making the business case

Define SIEM products and capabilities that will enhance your enterprise, then make the business case to invest in SIEM

SIEM technology primer: SIEM platforms have improved significantly

After a rocky start with early SIEM technologies, current offerings are easier to use and provide more reliable automated responses.

Tip
Unlocking the opportunity of SIEM technology

Learn about SIEM technology and how to unlock the opportunity for it to be a powerful technique in the fight against cybercrime.

Magazine
Security information management systems aspire to real time security

Today's security information management systems (SIM) are excellent forensics tools, but they haven't yet achieved status as effective real-time security tools.

News
Five tips to improve a threat and vulnerability management program

Use these five simple tips from expert Diana Kelley to improve your enterprise's threat and vulnerability management program.

Tip
Is centralized logging worth all the effort?

Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure.

Ask the Expert

Operations

2. SIEM operational best practices

Explore SIEM's role in rapid attack detection. Learn how to succeed with SIEM intrusion monitoring.

SIEM best practices for advanced attack detection

SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and describes the SIEM tuning process step by step.

Tip
Why focus on SIEM integration, coverage maximizes anomaly detection

Reliable anomaly detection using a SIEM hinges on collecting a wide range of security events. Andrew Hutchison covers SIEM integration best practices.

Tip
Exploring SIM architecture options for virtual data center security

Learn some of the options enterprises must consider regarding SIM architecture and virtual data center security.

Tip
Should IDS and SIM/SEM/SIEM be used for network intrusion monitoring?

Is it enough just to monitor log data, or does that data need to be fed into a SIM/SEM/SIEM product in order to ease the data analysis process? Network security expert Mike Chapple weighs in.

Ask the Expert
Securing the SIEM system: Control access, prioritize availability

The prospect of a SIEM system crash should scare any enterprise. Guard against a compromised SIEM system to protect the security nerve center.

Tip

The future

3. SIEM 2.0: Emerging security data strategies

Prepare for what's next for SIEM and related technologies; assess the growing importance of big data for security analysis.

SIEM vendors make the case for extending SIEM product capabilities

Advanced features reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.

News
Some CISOs consider ripping out or augmenting outdated SIEM systems

Outdated SIEM systems are difficult to deploy and costly to maintain, according to one expert. Today, CISOs are considering highly integrated, lightweight systems with more automation.

News
Big data 2.0: CISOs push need to identify attack campaigns

CISOs at RSA Conference 2013 say identifying attack campaigns means taking security big data to the next level. The hard part? Finding data analysts.

News
Big data security analytics: Harnessing new tools for better security

New techniques are emerging to help organizations analyze security data and improve security defenses.

Feature
A framework for big data security

Organizations are entranced with big data but need to acknowledge the security risks and plan accordingly.

Magazine

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs