Access your Pro+ Content below.
Security information management systems and application monitoring
This article is part of the June 2012 issue of Information Security magazine
Enterprises have adopted security information management systems (SIMs) for their value in correlating, reporting, and alerting on network security. By feeding firewalls, intrusion detection and prevention, and vulnerability analysis into a common platform, network and security managers have a valuable window, giving greater visibility and helping to clear out the noise. Despite their name, though, SIMs can be used for more than network security monitoring. In many cases, the same tools can bring value to application managers if they’re used correctly. With attacks targeting the application layer, SIMs can help find security problems in enterprise applications that otherwise might get missed. But SIMs can do more than identify security threats: Any hard-to-find event or application performance issue can show up through careful analysis. We’ll walk through the four steps application managers need to integrate applications into enterprise security information management systems and begin analyzing, reporting and alerting. Feeding...
Features in this issue
Businesses and government agencies work to improve sharing of cyberthreat information.
Capabilities such as encryption and DLP can be complicated in the cloud.
SIMs aren’t just for network monitoring anymore.
Legislation designed to provide the federal government with threat data from the private sector gains steam.
Columns in this issue
Reflections on the ICS CERT alert, Oracle’s handling of a zero-day and more.
Security expert Marcus Ranum talks with Brian Chess, formerly of HP, about coding practices and security.
Enterprises need an agile risk management strategy to deal with today’s evolving threats.