REDLEGG BLOG

SIEM Event Monitoring - Who is watching your network?

Mar 19, 2017 10:42:47 AM  |  by Laura Hees

Effectively, EVERY regulatory mandate or security framework requires some form of log management to preserve a trail of events. In addition, many companies have a defense-in-depth strategy around critical assets using firewalls, IDS/IPS, AV and network segmentation at the perimeter. A SIEM helps provide one dashboard rather than a half dozen different product dashboards.

But here is the thing... many companies assume that their SIEM will consume logs and machine data from their environment and will gracefully provide action items. Unfortunately, it does not happen this way.

DATA GATHERING

To begin with, essential assets need to be recognized and then integrated into the SIEM. A sound understanding of security best practices is MANDATORY.

TUNING

SIEM products come with out-of-the-box correlation rules with automation. But these rules must be constantly tuned to address different compliance and security needs. With a SIEM, knowledgeable human ownership is a REQUIREMENT.

RESPONSE

With all of the incoming data, serious events can easily be overlooked.

CHANGES

This never happens, right? Network configurations, endpoint updates, system components, new virus definitions, software version updates, user permissions, ETC!!

MANAGED SECURITY SERVICES

If you don’t already have in-house 24x7 security experts dedicated to network monitoring, it MAKES SENSE to engage a company like RedLegg for Managed Security Services. Finding the right Managed Security Services company will significantly assist with your SIEM investment.
