Security School



Improving security management with SIEM

Last updated: July 2014

Editor's note

Security information management systems are the hub of your network security infrastructure, with each spoke from firewalls, intrusion detection, network anomaly behavior systems and more feeding reams of information to these sophisticated collectors. The biggest challenge for the security analyst is to obtain useful information about threats and vulnerabilities from the data collected and correlated by a SIM.

This Security School will explain the best means for an organization to effectively analyze SIM data, how to improve SIM collection, how to set reasonable goals for these tools and how to get the best data in order to improve incident response, change management processes and security policies overall.

Watch the video, listen to the podcast and read the tech tip, then take the quiz to see how much you have learned. Passing the quiz earns you one CPE credit from (ISC)².

Browse our Security School Course Catalog for more lessons eligible for CPE credits.

1. Integrating SIEM with incident response

In this webcast, Mike Rothman takes on the issue of integrating today's SIEM systems with incident response methods to help you identify advanced attacks faster, understand what damage was done and mediate that damage.

2. SIEM best practices

The industry has panned SIEM as an overly expensive and underperforming technology, and has used the products as glorified compliance reporting engines. But to be clear, it's not a technology problem; it's a process issue. In this tech tip, Rothman will outline a time-tested process for building SIEM policies that actually alert on the attacks you need to protect against.

3. Truth or consequences: The top 5 lies about SIEM

You'll hear all sorts of outlandish claims from companies pushing SIEM technology. In this thought-provoking (and funny) podcast, Rothman will help you parse the hyperbole and wade through the sales lingo to isolate what's important about SIEM. By deflating the Top 5 lies about SIEM, you'll make it clear that you know what questions to ask and are a sophisticated buyer.

4. Test your knowledge

In this five-question quiz, test your knowledge of our Security School lesson on core functions and options of SIEM.