Log Management and SIEM
The State of Security: SIEM in 2022
The world of enterprise cybersecurity is exceedingly dynamic. In a landscape that is ever-changing, security professionals need to combat a class of evolving threat actors by deploying increasingly sophisticated tools and techniques ...
To Detect or Not to Detect, Is that the Question?
Tripwire Enterprise (TE) is at its heart a baselining engine. It’s been built to take information, create a baseline of it, and show when that baseline has changed. (It’s called a “version” ...
WHAT IS A SIEM, AND WHY SHOULD YOU HAVE ONE?
SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat ...
What Is Log Management, and Why Is It Important?
I think we all know what log management is. As discussed in a 2017 article for The State of Security, log management is about systematically orchestrating the system and network logs collected ...
Why Your SOC Needs More Than a SIEM Tool
Cybercrime is becoming more sophisticated by the day. Meanwhile, the price for a breach due to damage and disruption, ransom payments and regulatory fines, is increasing. No wonder there’s more of a ...
Log Management for Government Agencies: What You Need to Know
Without a doubt, log management should be part of the core of any IT security platform of a government agency. It has a role in not only security but also in operations ...
What Is Passive Asset Discovery, and Is It That Important?
Let’s first talk about asset discovery in general and why it is useful, even critical, to most organisations. What Is Asset Discovery? Asset discovery is the ability to provide visibility of all ...
SIEM Implementation Strategies
A SIEM or Security Information and Event Management is only as good as its logs. People can think of logs as the fuel for the engine. Without logs (log management), the SIEM ...
