Security information and event management (SIEM) is a key technology that provides security visibility, but it’s difficult for security professionals to deploy and manage. This presentation will offer a framework for a structured approach for architecting, implementing and maintaining a SIEM.
Anton Chuvakin describes why the success of your SIEM deployment is determined more by operational processes than by its architecture or a specific tool. Chuvakin explains why the most critical tasks in the entire SIEM process are defining scope, objectives and use cases.
Anton Chuvakin, Ph.D., is a research director at Gartner’s Technical Professionals’ Security and Risk Management group. As a recognized expert in log management and PCI compliance, Dr. Chuvakin has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS and security management. He is also an author of “Security Warrior” and “PCI Compliance.” For more information on Dr. Chuvakin, check out his Gartner blog, personal blogor follow him on Twitter @anton_chuvakin.