Just FYI, I will be speaking at SANS San Francisco about SIEM. Come see me there!
Date: Tuesday, November 9
Time: 7:00pm - 8:00pm
Location: Hilton San Francisco Union Square
Abstract: Security Information and Event Management (SIEM) as well as log management tools have become more common across large organizations in recent years. SIEM and log management have also been a topic of hot debate. In fact, your organization might have purchased these tools already.
However, many who acquired SIEM tools have realized that they are not ready to use many of the advanced correlation features, despite promises that "they are easy to use." So, what should you do to achieve success with SIEM? What logs should you collect? Correlate? Review? How do you use log management as a step before SIEM? What process absolutely must be built before a SIEM purchase becomes successful?
Attend this session to learn from the experience of those who did not have the benefit of learning from others' mistakes. Also, learn a few tips on how to "operationalize" that SIEM purchase you've made.
More details and how to sign up here.