Integration of Networking and Security School

Improving security management processes with SIEM

New Security information management systems are the hub of your network security infrastructure, with each spoke from firewalls, intrusion detection, network anomaly behavior systems and more feeding reams of information to these sophisticated collectors. The biggest challenge for the security analyst is to obtain useful information about threats and vulnerabilities from the data collected and correlated by a SIM.

This Security School will explain the best means for an organization to effectively analyze SIM data, how to improve SIM collection, set reasonable goals for these tools and how to get the best data in order to improve incident response, change management processes and security policies overall.

About the author: Mike Rothman is president and principal analyst of Securosis, an independent information security research firm.

In this part:

Webcast: The Past, present and future of SIEM

Security information and event management technology has been around for over a decade. First generation technologies have given way to the 2.0 moniker, which is now being positioned as a "Security Big Data Analytics" platform. In this webcast, Securosis analyst Mike Rothman will touch on the history of SIEM, the challenges of making the technology work at scale, and discuss how enterprises have overcome these issues to use SIEM to generate actionable intelligence. Mike will also discuss the evolution to highly scalable analytics platforms, which will enable organizations to finally realize the promise of SIEM.

Tip: SIEM best practices for advanced attack detection

The industry has panned SIEM as overly expensive and under performing technology, and have used the products as glorified compliance reporting engines. But to be clear, it's not a technology problem, it's a process issue. In this tech tip, Securosis analyst Mike Rothman will outline a time tested process to build SIEM policies which actually alert on the attacks you need to protect against.

Podcast: Truth or consequences: The top 5 lies about SIEM

You'll hear all sorts of outlandish claims from company's pushing SIEM technology. In this thought provoking (and funny) podcast, Securosis analyst Mike Rothman will help you parse the hyperbole and wade through the sales lingo to isolate what's important about SIEM. By deflating the Top 5 lies about SIEM, you'll make it clear that you know what questions to ask and are a sophisticated buyer.

Quiz: Using SIEM technology to improve security management processes

In this five question quiz, test your knowledge of our Security School lesson on core functions and options of SIEM.

Quiz: Using SIEM to improve...

Back to top