Technical Guide on SIM
Application security managers: learn four key steps to connect apps with SIMs to enable successful analysis, reporting and alerting. Guide
-
Quiz: Application and network log management program planning
Find out how much you've retained from the Application and log management program planning Security School lesson. Quiz
-
Quiz: Getting the most out of your SIM deployment
With this five-question quiz, test your knowledge of Adrian Lane's SIM deployment Security School lesson. Quiz
-
Quiz: Marrying security and networking tools
A five-question multiple-choice quiz to test your understanding of Sasan Hamidi's Integration of Networking and Security School lesson. Quiz
-
Quiz: Security information management systems
A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Intrusion Defense School. Quiz
-
The future of intrusion defense
This article analyzes network intrusion defense technologies and illustrates how the growth of networks with many distributed control points is creating a greater need for technological integration. Learn strategies to prepare for the future and prov... Security School
-
Quiz: Securing your network
Test your knowledge of network security. Quiz
-
TIBCO to acquire SIEM vendor LogLogic
TIBCO, an integration software company with little security experience, will purchase one of the few remaining viable standalone SIEM vendors. Terms were not disclosed. News | 04 Apr 2012
-
Security information management systems aspire to real-time security
Today’s security information management systems (SIM) are excellent forensics tools, but they haven’t yet achieved status as effective real-time security tools. News | 03 Apr 2012
-
Some CISOs consider ripping out or augmenting outdated SIEM systems
Outdated SIEM systems were difficult to deploy and costly to maintain, according to one expert. Today, CISOs are considering highly integrated, lightweight systems with more automation. News | 02 Apr 2012
-
Verizon data breach report shows weak passwords at root of 2011 data breaches
Weak and default passwords are at the root of many data security breaches investigated by Verizon in 2011. News | 07 Mar 2012
-
IBM QRadar adds X-Force threat intelligence to SIEM system
Big Blue unveils integration of its Q1 Labs acquisition giving IT security pros the ability to add rule-based alerts using threat intelligence feeds. News | 22 Feb 2012
-
IT security pros acknowledge network security weaknesses, configuration issues
Improperly configured network devices and the inability to measure the network security posture make most IT organizations incapable of finding gaps in their systems, according to a new survey. News | 13 Oct 2011
-
IBM, McAfee add SIEM security capabilities with acquisitions
McAfee buys NitroSecurity for its ePolicy Orchestrator while Big Blue has created a security division for its Q1 Labs acquisition. News | 04 Oct 2011
-
ArcSight SIEM integration brings opportunities for ForeScout partners
ForeScout’s NAC product may now be integrated into ArcSight’s SIEM platform. This could open doors for ForeScout partners into ArcSight accounts. News | 16 Sep 2011
-
SIEM vendors make the case for extending SIEM product capabilities
Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions. News | 01 Apr 2011
-
HP buys ArcSight for security information event management in $1.5 billion deal
Hewlett Packard struck a $1.5 billion deal to integrate ArcSight's event correlation software into its IT management and operations suite. Article | 13 Sep 2010
- See More: News on Security Event Management
-
SIEM technology primer: SIEM platforms have improved significantly
After a rocky start with early SIEM technologies, current offerings are easier to use and provide more reliable automated responses. Tip
-
Securing the SIEM system: Control access, prioritize availability
The prospect of a SIEM system crash should scare any enterprise. Guard against a compromised SIEM system to protect the security nerve center. Tip
-
How to collect Windows Event logs to detect a targeted attack
Targeted attacks are growing, and eventually your enterprise will be a target. Expert Richard Bejtlich covers how to collect Windows Event logs to detect an intrusion. Tip
-
Application log management: Enabling application security compliance
Expert Michael Cobb discusses how application audits and information and event management can save you time and energy with application security compliance. Tip
-
Exploring SIM architecture options for virtual data center security
To be successful in securing the virtual data center, security information management (SIM), a key element for effective data center security, must virtualize and become virtualization-aware. In this tip, we’ll discuss some of the options enterprises... Tip
-
Cisco MARS: What third-party lockout means for SIEM products
Now that Cisco's MARS SIEM product no longer supports third-party product integration, should enterprises migrate away from the product? In this tip, network security expert Anand Sastry discusses how MARS works and whether the technology is still go... Tip
-
Log management best practices: Five tips for success
The right log management tool can quickly seem like the wrong one without advance planning on how to make the most of it. Diana Kelley offers six log management best practices to help do just that. Tip
-
Analyzing MSSP providers' log files for IT security events
Analyzing firewall, Windows server and antivirus log files can seem like an endless and tedious task, especially for an understaffed security team, but it's extremely important for detecting IT security events. Read more in this network security expe... Tip
-
Forensic incident response: Integrating a SIM system and an IAM system
SIM systems and identity management systems are designed to operate independently; by understanding where each technology's integration points are and how to maintain their effectiveness once they're joined, it's possible to create a more effective i... Tip
-
Understanding PCI DSS compliance requirements for log management
Proper PCI DSS compliance requires effective event log management, but many enterprises fail to not only gather all the relevant data, but also analyze and remediate the results. Forrester Research Senior Analyst John Kindervag offers best practices ... Tip
- See More: Tips on Security Event Management
-
SIEM vs. DAM technology: Enterprise DAM implementation best practices
Mike Cobb analyzes the differences between a SIEM and DAM implementation and how to successfully configure an enterprise DAM. Answer
-
Data breach notification legislation: What info must be released?
In the wake of a credit card data breach, what customer data breach information must be released per data breach notification legislation? David Mortman addresses the question in this expert response. Ask the Expert
-
How to prevent a denial-of-service (DoS) attack
While it may not be possible to fully eradicate the risk of DoS attacks from an enterprise, there are steps that infosec pros can take to prevent them. In this expert response, Mike Chapple gives pointers on how to prevent DoS attacks. Ask the Expert
-
The top 5 network security practices
Looking to brush up your network security practices? Check out these top five recommendations from expert Mike Chapple. Ask the Expert
-
Should IDS and SIM/SEM/SIEM be used for network intrusion monitoring?
Is it enough just to monitor log data, or does that data need to be fed into a SIM/SEM/SIEM product in order to ease the data analysis process? Network security expert Mike Chapple weighs in. Ask the Expert
-
How to estimate log generation rates
In this expert response, Mike Chapple explains why estimating log generation rates is so difficult. Ask the Expert
-
What reporting tools are available for an enterprise IDS?
Modern security analysts can easily become overwhelmed by the variety and quantity of audit records. In this SearchSecurity.com Q&A, network expert Mike Chapple reveals which open-source reporting tools can make life easier. Ask the Expert
-
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure. Ask the Expert
-
Can network behavior anomaly detection (NBAD) products stop rootkits?
There are plenty of network-based products that use packet and connection rates to detect rootkits and other malware. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis reviews which products, as well as Internet-based pro... Ask the Expert
-
Printing a log of administrator's work
Ask the Expert
- See More: Expert Advice on Security Event Management
-
security information management (SIM)
Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates that practice. Security information management is someti... Definition
-
Black Hat 2011: SIM rule maker on attacks and defenses
LogRhythm Labs explains their new rules for the vendor’s SIM appliances. Video
-
SIEM market overview: Gartner's Mark Nicolett
Gartner VP and distinguished analyst Mark Nicolett discusses SIEM vendor consolidation, the myth that SIEM is a cost-saving effort and more. Video
-
SIMs tools and tactics for business intelligence
Security information management systems (SIMs) automate the process of looking through logs to help produce effective reports, issue alerts and do forensics. In the era of regulation, organizations also need added visibility into their networks and a... Video
-
About Security Event Management
Scanning and interpreting the plethora of alerts and logs produced each day by many stand-alone network devices isn't humanly possible. Learn how to use security event management and centralized consoles to collect, normalize and correlate vast amounts of log data, and to provide real-time threat detection and incident response.
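The point of a centralized console is that a pattern invisible to any one device becomes visible once events are normalized onto a common schema and correlated across sources. The following is an added example written for this page, not code from any of the articles or products listed above. It parses two hypothetical log formats (a firewall-style AUTH_FAIL line and a Windows-style EventID line) over constructed sample data, and raises an alert when one source IP accumulates failed logons across several hosts within a time window, plus a second alert if that source then logs on successfully. The formats, field names and thresholds are assumptions chosen for illustration.

```python
"""Toy security event management correlation: normalize, then correlate.

Constructed example. The two log formats below are hypothetical stand-ins
for a firewall/VPN syslog line and a Windows logon audit event; the sample
lines are made up and use documentation address ranges.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input. No single host sees five failures on its own
# (fw01 sees three, win-dc01 sees two), so only cross-device correlation
# reveals the brute-force attempt from 203.0.113.7.
SAMPLE_LOGS = [
    "2012-04-03T10:00:01Z fw01 AUTH_FAIL user=alice src=203.0.113.7",
    "2012-04-03T10:00:04Z fw01 AUTH_FAIL user=bob src=203.0.113.7",
    "2012-04-03T10:00:09Z win-dc01 EventID=4625 Account=carol Source=203.0.113.7",
    "2012-04-03T10:00:12Z win-dc01 EventID=4625 Account=dave Source=203.0.113.7",
    "2012-04-03T10:00:15Z fw01 AUTH_FAIL user=eve src=203.0.113.7",
    "2012-04-03T10:00:20Z win-dc01 EventID=4624 Account=eve Source=203.0.113.7",
    "2012-04-03T10:30:00Z fw01 AUTH_FAIL user=alice src=198.51.100.2",
    "2012-04-03T11:30:00Z fw01 AUTH_FAIL user=alice src=198.51.100.2",
    "this line is noise the collector could not parse",
]

# Hypothetical formats; a real deployment would carry one regex per device type.
FW_RE = re.compile(r"^(\S+) (\S+) AUTH_FAIL user=(\S+) src=(\S+)$")
WIN_RE = re.compile(r"^(\S+) (\S+) EventID=(\d+) Account=(\S+) Source=(\S+)$")
WIN_OUTCOME = {"4625": "fail", "4624": "success"}  # Windows logon audit IDs


def _parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")


def normalize(line):
    """Map a raw line onto a common schema; return None for unparseable lines."""
    m = FW_RE.match(line)
    if m:
        ts, host, user, src = m.groups()
        return {"ts": _parse_ts(ts), "host": host, "user": user,
                "src": src, "outcome": "fail"}
    m = WIN_RE.match(line)
    if m:
        ts, host, event_id, user, src = m.groups()
        outcome = WIN_OUTCOME.get(event_id)
        if outcome is None:
            return None  # event IDs we do not model are dropped here
        return {"ts": _parse_ts(ts), "host": host, "user": user,
                "src": src, "outcome": outcome}
    return None


def correlate(events, threshold=5, window=timedelta(minutes=5)):
    """Per-source sliding window over failed logons from *all* hosts.

    Fires one brute_force alert per source once `threshold` failures fall
    inside `window`, and a success_after_brute_force alert if that source
    later authenticates successfully anywhere.
    """
    alerts = []
    recent_fails = defaultdict(list)  # src -> failed events inside the window
    fired = set()
    for ev in sorted(events, key=lambda e: e["ts"]):
        src = ev["src"]
        if ev["outcome"] == "fail":
            q = recent_fails[src]
            q.append(ev)
            while q and ev["ts"] - q[0]["ts"] > window:
                q.pop(0)  # expire failures older than the window
            if len(q) >= threshold and src not in fired:
                fired.add(src)
                alerts.append({
                    "type": "brute_force", "src": src,
                    "hosts": sorted({e["host"] for e in q}),
                    "users": sorted({e["user"] for e in q}),
                    "first": q[0]["ts"], "last": ev["ts"],
                })
        elif ev["outcome"] == "success" and src in fired:
            alerts.append({"type": "success_after_brute_force", "src": src,
                           "host": ev["host"], "user": ev["user"], "ts": ev["ts"]})
    return alerts


def run(lines=SAMPLE_LOGS):
    """Normalize every line, drop what cannot be parsed, and correlate."""
    events = [e for e in map(normalize, lines) if e is not None]
    return correlate(events)


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

The second source, 198.51.100.2, produces two failures an hour apart and never reaches the threshold, which is the kind of noise a per-device rule would also ignore; the first source only crosses the threshold when the firewall and domain controller failures are counted together. Dropping unparseable lines silently, as `normalize` does here, is a common source of blind spots in production, so a real collector should at least count them.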