REDLEGG BLOG

SIEM Event Monitoring - Who is watching your network?

Mar 19, 2017 10:42:47 AM  |  by Laura Hees

Effectively, EVERY regulatory mandate or security framework requires some form of log management to preserve a trail of events. In addition, many companies have a defense-in-depth strategy around critical assets using firewall, IDS/IPS, AV and network segmentation at the perimeter. A SIEM helps provide one dashboard rather than a half dozen different product dashboards.

But here is the thing... many companies assume that their SIEM will consume logs and machine data from their environment and will gracefully provide action items. Unfortunately, it does not happen this way.

DATA GATHERING

To begin with, essential assets need to be recognized and then integrated into the SIEM. A sound understanding of security best practices is MANDATORY.

TUNING

SIEM products come with out-of-the-box correlation rules with automation. But these rules must be constantly tuned to address different compliance and security needs. With a SIEM, knowledgeable human ownership is a REQUIREMENT.

RESPONSE

With all of the incoming data, serious events can easily be overlooked.

CHANGES

This never happens, right? Network configurations, endpoint updates, system components, new virus definitions, software version updates, user permissions, ETC!!

MANAGED SECURITY SERVICES

If you don’t already have in-house 24x7 security experts dedicated to network monitoring, it MAKES SENSE to engage a company like RedLegg for Managed Security Services. Finding the right Managed Security Services company will significantly assist your SIEM investment.
