-
Exploring the benefits of enhanced SIEM products
Access this issue now and examine how SIEM is leading the charge in building a coordinated view of security-related information and event integration (including integrating fraud detection data and network access control technologies to name a few) a... E-Zine
-
Winning strategies for integrating security information management and identity access management
This month’s cover story, “Linking ‘Who’ and ‘What’”, explains the new trend of joining SIM and IAM strategies to tie system vulnerabilities and policy violations to the user activity that causes them. Other articles in this month’s issue cover topic... E-Zine
-
Log management best practices for enterprises
Are you bound to regulations? Then you’re no stranger to log management, and the importance of analyzing the reams of data your devices produce. Log management covers several important aspects of network security. The four major chapters of thi... E-Book
-
Effective strategies for risk management and security information management systems
This month's issue of Information Security Magazine covers a breadth of topics. The cover story this month is about SIM and how it can boost compliance, visibility, and overall business intelligence. Other featured articles cover risk management, con... E-Zine
-
The power of SIMs for visibility and compliance
Security information management systems (SIMs) can offer visibility, control and compliance. Learn how they can help you. In addition, get tips on excelling at encryption and building your own Web app firewall. E-Zine
-
How to define SIEM strategy, management and success in the enterprise
Enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Learn how to achieve success with SIEM in your organization. Essential Guide
-
Quiz: Using SIEM technology to improve security management processes
In this five question quiz, test your knowledge of our Security School lesson on using SIEM technology to improve security management processes. Quiz
-
Improving security management processes with SIEM
This Security School will explain the best means for an organization to effectively analyze SIM data, how to improve SIM collection, set reasonable goals for these tools and how to get the best data in order to improve incident response, change manag...
-
Quiz: Using SIM for threat monitoring
Take this five-question quiz to test your knowledge of our lesson on using SIM for threat monitoring. Quiz
-
Using SIM for threat monitoring
From a security perspective, it is challenging to keep ahead of the constantly evolving enterprise threat landscape. Security information and event management (SIEM) systems, however, can be a vital component of an enterprise’s threat mitigation arse...
-
Technical Guide on SIM
Application security managers: learn four key steps to connect apps with SIMs to enable successful analysis, reporting and alerting. Guide
-
Quiz: Application and network log management program planning
Find out how much you've retained from the Application and log management program planning Security School lesson. Quiz
-
Quiz: Getting the most out of your SIM deployment
With this five-question quiz, test your knowledge of Adrian Lane's SIM deployment Security School lesson. Quiz
-
Quiz: Marrying security and networking tools
A five-question multiple-choice quiz to test your understanding of Sasan Hamidi's Integration of Networking and Security School lesson. Quiz
-
Quiz: Security information management systems
A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Intrusion Defense School. Quiz
-
Cisco's pxGrid framework creates context-aware security with Cisco ISE
Cisco introduces pxGrid, a new framework for sharing contextual information between security technologies, beginning with Cisco ISE. News | 13 Jun 2013
-
Big data 2.0: CISOs push need to identify attack campaigns
CISOs at RSA Conference 2013 say identifying attack campaigns means taking security big data to the next level. The hard part? Finding data analysts. News | 27 Feb 2013
-
Coviello pitches 'transformational' information security strategy
In a talk critical of cyberattack finger-pointing, Art Coviello stressed the need for infosec strategy to emphasize big data, interconnectivity. News | 26 Feb 2013
-
Targeted attackers often gain upper hand once inside, says Trend Micro
Once inside, skilled attackers can scout for exploitable flaws and set up private communication channels to support cyberespionage campaigns. News | 25 Sep 2012
-
KEYW inks deal to acquire SIEM technology supplier Sensage
KEYW says Sensage will help it develop its cyber response platform. News | 13 Sep 2012
-
TIBCO to acquire SIEM vendor LogLogic
TIBCO, an integration software company with little security experience, will purchase one of the few remaining viable standalone SIEM vendors. Terms were not disclosed. News | 04 Apr 2012
-
Security information management systems aspire to real-time security
Today’s security information management systems (SIM) are excellent forensics tools, but they haven’t yet achieved status as effective real-time security tools. News | 03 Apr 2012
-
Some CISOs consider ripping out or augmenting outdated SIEM systems
Outdated SIEM systems were difficult to deploy and costly to maintain, according to one expert. Today, CISOs are considering highly integrated, lightweight systems with more automation. News | 02 Apr 2012
-
Verizon data breach report shows weak passwords at root of 2011 data breaches
Weak and default passwords are at the root of many data security breaches investigated by Verizon in 2011. News | 07 Mar 2012
-
IBM QRadar adds X-Force threat intelligence to SIEM system
Big Blue unveils integration of its Q1 Labs acquisition giving IT security pros the ability to add rule-based alerts using threat intelligence feeds. News | 22 Feb 2012
-
Marcus Ranum chat: Next-generation SIEM
Security expert Marcus Ranum goes one-on-one with Gartner’s Anton Chuvakin about SIEM technology and where it’s headed. Column
-
Firewall and system logs: Using log file analysis for defense
Log analysis is the most under-appreciated, unsexy aspect of infosecurity, yet Marcus Ranum says it's one of the most important. Opinion
-
Using a next-gen firewall to determine application access policies
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features. Tip
-
SIEM best practices for advanced attack detection
SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and offers a SIEM tuning step-by-step. Tip
-
Five tips to improve a threat and vulnerability management program
Utilize these five simple tips from expert Diana Kelley to improve your enterprise's threat and vulnerability management program. Tip
-
Network log management on a budget: How to streamline log analysis
Expert Matt Pascucci examines free tools and offers simple tactics that organizations can use to streamline the network log analysis and management process. Tip
-
Why focus on SIEM integration, coverage maximizes anomaly detection
Reliable anomaly detection using a SIEM hinges on collecting a wide range of security events. Andrew Hutchison covers SIEM integration best practices. Tip
-
SIEM technology primer: SIEM platforms have improved significantly
After a rocky start with early SIEM technologies, current offerings are easier to use and provide more reliable automated responses. Tip
-
Securing the SIEM system: Control access, prioritize availability
The prospect of a SIEM system crash should scare any enterprise. Guard against a compromised SIEM system to protect the security nerve center. Tip
-
How to collect Windows Event logs to detect a targeted attack
Targeted attacks are growing, and eventually your enterprise will be a target. Expert Richard Bejtlich covers how to collect Windows Event logs to detect an intrusion. Tip
-
Application log management: Enabling application security compliance
Expert Michael Cobb discusses how application audits and information and event management can save you time and energy with application security compliance. Tip
-
Exploring SIM architecture options for virtual data center security
To be successful in securing the virtual data center, security information management (SIM), a key element for effective data center security, must virtualize and become virtualization-aware. In this tip, we’ll discuss some of the options enterprises... Tip
-
Open source security tools: Getting more out of an IT security budget
Open source security tools can help stretch your IT security budget further -- that is, if you use them strategically. Joseph Granneman explains how. Answer
-
Audit log security: How to monitor and protect audit logs
Is it possible to make audit logs tamper-proof? Expert Matthew Pascucci offers best practices for audit log security and monitoring. Answer
-
SIEM vs. DAM technology: Enterprise DAM implementation best practices
Mike Cobb analyzes the differences between a SIEM and DAM implementation and how to successfully configure an enterprise DAM. Answer
-
Data breach notification legislation: What info must be released?
In the wake of a credit card data breach, what customer data breach information must be released per data breach notification legislation? David Mortman addresses the question in this expert response. Ask the Expert
-
How to prevent a denial-of-service (DoS) attack
While it may not be possible to fully eradicate the risk of DoS attacks from an enterprise, there are steps that infosec pros can take to prevent them. In this expert response, Mike Chapple gives pointers on how to prevent DoS attacks. Ask the Expert
-
The top 5 network security practices
Looking to brush up your network security practices? Check out these top five recommendations from expert Mike Chapple. Ask the Expert
-
Should IDS and SIM/SEM/SIEM be used for network intrusion monitoring?
Is it enough just to monitor log data, or does that data need to be fed into a SIM/SEM/SIEM product in order to ease the data analysis process? Network security expert Mike Chapple weighs in. Ask the Expert
-
How to estimate log generation rates
In this expert response, Mike Chapple explains why estimating log generation rates is so difficult. Ask the Expert
-
What reporting tools are available for an enterprise IDS?
Modern security analysts can easily become overwhelmed by the variety and quantity of audit records. In this SearchSecurity.com Q&A, network expert Mike Chapple reveals which open-source reporting tools can make life easier. Ask the Expert
-
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure. Ask the Expert
-
security event (security incident)
A security event is a change in the everyday operations of a network or IT service, indicating that a security policy may have been violated or a security safeguard may have failed. Definition
-
security information management (SIM)
Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates that practice. Security information management is someti... Definition
-
Splunk tutorial demonstrates how to use Splunk for security
Video: Keith Barker of CBT Nuggets walks viewers through a tutorial of Splunk and shows how the free version can be used for IT security. Video
-
Brian Contos on detecting rootkits with hardware-based security
Hardware-based security tools can help security teams detect rootkits that are used by attackers to hide malware below the operating system. Video
-
Black Hat 2011: SIM rule maker on attacks and defenses
LogRhythm Labs explains their new rules for the vendor’s SIM appliances. Video
-
Log management strategies that work
In this video presentation, Diana Kelley of consultancy SecurityCurve gives expert advice on how to tune log management tools and policies so they pick up on only the necessary events. Video
-
SIEM market overview: Gartner's Mark Nicolett
Gartner VP and distinguished analyst Mark Nicolett discusses SIEM vendor consolidation, the myth that SIEM is a cost-saving effort and more. Video
-
SIMs tools and tactics for business intelligence
Security information management systems (SIMs) automate the process of looking through logs to help produce effective reports, issue alerts and do forensics. In the era of regulation, organizations also need added visibility into their networks and a... Video
About Security Event Management
Scanning and interpreting the plethora of alerts and logs produced each day by various stand-alone network devices isn't humanly possible. Learn how to use security event management and centralized consoles to scan and analyze vast amounts of data and provide real-time threat and incident response.