Access your Pro+ Content below.
Unlocking the opportunity of SIEM technology
This article is part of the March 2012 issue of Information Security magazine
Ensuring the ongoing integrity of an enterprise information technology environment is a formidable task, and one that requires every advantage a delivery management team can harness. Security information and event management, or SIEM, can create a significant advantage in providing enterprises with a comprehensive, coordinated view of the security status of their environment. The challenge in security is always to remain one step ahead of those who may try to compromise the integrity in some way. Implemented properly, SIEM technology can be a powerful technique for obtaining advantage over individuals or technologies with malicious intent. The opportunity of SIEM is to establish a centralized, coordinated view of security-related information and events. The underlying principle is that such inputs are produced in multiple locations, but without seeing “the big picture,” it may not be obvious that trends or patterns are occurring. By establishing a collector network, the security-related events from end-user devices, servers, ...
Features in this issue
Learn about SIEM technology and how to unlock the opportunity for SIEM technology to be a powerful technique in the fight against cybercrime.
The attack on RSA shook the security industry to its core: A look at the breach’s far reaching impact.
There’s a lot of hype about next-generation firewalls. Here’s what you need to know.
Poorly configured remote administration tools are a common attack vector, security experts say.