The Role of a SIEM in an Overall Enterprise Security - ISC blog

Wednesday, May 18, 2011


A good article by Brian Albrecht, written on the ISC Blog, on how a SIEM fits into enterprise security.

An overall enterprise security plan is comprised of many different moving pieces. An effective plan has all of these pieces in place and working together like a finely tuned machine. Managing this plan and taking in all of the data that it presents can be an overwhelming task. Correlating all of this data is tough as well: the potential attack that was picked up by your IDS, was it successful? Was there any suspicious activity soon after, perhaps representing a successful data breach?

The inclusion of a SIEM (Security Information and Event Management) product can be a great addition to an already stout enterprise security infrastructure. A well-tuned SIEM product can lend insight into an enterprise’s overall network status, both security related and otherwise, by taking information from varying sources throughout the enterprise (IDS/IPS data, application, firewall, database, etc.) and putting it all together.
A SIEM may also benefit an organization’s compliance program. A SIEM on its own will not make an organization compliant; however, its log management capabilities can go a long way toward helping “prove” an organization’s compliance.
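
The correlation question raised above (an IDS alert, then suspicious activity from the same host soon after) can be sketched as a simple rule. This is an added example, not code from the original article or from any SIEM product; the event field names, the 15-minute window, the byte threshold and the sample events are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events, already normalized the way a SIEM would after parsing each source.
IDS_ALERTS = [
    {"ts": "2011-05-18T10:00:05", "dst_ip": "10.0.0.20", "signature": "SQL injection attempt"},
    {"ts": "2011-05-18T11:30:00", "dst_ip": "10.0.0.31", "signature": "Directory traversal attempt"},
]
FIREWALL_LOGS = [
    {"ts": "2011-05-18T10:02:00", "src_ip": "10.0.0.20", "dst_ip": "192.0.2.5", "action": "deny", "bytes_out": 0},
    {"ts": "2011-05-18T10:03:40", "src_ip": "10.0.0.20", "dst_ip": "203.0.113.9", "action": "allow", "bytes_out": 48_000_000},
    {"ts": "2011-05-18T10:04:10", "src_ip": "10.0.0.45", "dst_ip": "198.51.100.7", "action": "allow", "bytes_out": 52_000_000},
    {"ts": "2011-05-18T13:00:00", "src_ip": "10.0.0.31", "dst_ip": "203.0.113.9", "action": "allow", "bytes_out": 60_000_000},
]

def correlate(alerts, flows, window=timedelta(minutes=15), min_bytes=10_000_000):
    """Pair each IDS alert with large, allowed outbound transfers that the
    alerted host made within `window` after the alert (assumed thresholds)."""
    # Keep only flows that could represent data leaving the network, indexed by source host.
    by_src = {}
    for flow in flows:
        if flow["action"] == "allow" and flow["bytes_out"] >= min_bytes:
            by_src.setdefault(flow["src_ip"], []).append(flow)

    hits = []
    for alert in alerts:
        alert_time = datetime.fromisoformat(alert["ts"])
        # The host the IDS saw being targeted is the one whose later traffic matters.
        for flow in by_src.get(alert["dst_ip"], []):
            delta = datetime.fromisoformat(flow["ts"]) - alert_time
            if timedelta(0) <= delta <= window:
                hits.append((alert, flow))
    return hits

if __name__ == "__main__":
    for alert, flow in correlate(IDS_ALERTS, FIREWALL_LOGS):
        print(f"{alert['dst_ip']}: '{alert['signature']}' at {alert['ts']} followed by "
              f"{flow['bytes_out']} bytes to {flow['dst_ip']} at {flow['ts']}")
```

Neither source flags this on its own: the IDS cannot tell whether the attempt succeeded, and the firewall sees only an allowed connection. The denied flow, the transfer from an unalerted host and the transfer outside the window are all correctly ignored.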

Now, it cannot be left unsaid that the effectiveness of a SIEM is only as good as the data that is being fed into it.  That being said, a SIEM may be an excellent “last piece” to an organization’s overall enterprise security puzzle.
Now, for full disclosure, I am currently employed by an SIEM provider… On that note, I have the chance to work with our customers on a daily basis and see the benefits that a SIEM provides firsthand. Prior to my current employment, I did not have much experience within the SIEM market. It has been a fascinating experience, working with customers and working with them to discover data and trending that they could not have seen before.
