Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Technology and Product Review for an SIEM Solution
There are different approaches that are utilized for security management, which has resulted in the emergence of different security technology categories including security information and event management (SIEM), which is designed to provide a holistic view of IT security. It is based on the principle that relevant information regarding an organization's security is generated from various sources/locations. Therefore, examining each of these locations helps in identifying trends and patterns within the organization's security system.
Overview of SIEM
SIEM, which stands for security information and event management, can be described as an approach for management of security through a holistic view of information technology security within an organization (Rouse, 2014). This approach provides a holistic view for examining an organization's IT security through combining security information management (SIM) and security event management (SEM) into a single security management system. Through combination of these systems, SIEM enables speedy identification, evaluation, and recovery of security incidents. Additionally, the system enables compliance managers to confirm whether the organization is fulfilling legal compliance requirements.
SIEM systems work through gathering security log data from different sources within the organization including operating systems, security controls, and applications (Scarfone, 2015). Once security...
There are certain SIEM products that are also designed and structured to block malicious activity when detected. In this case, such activities are blocked through various processes including running scripts that prompt reconfiguration of security controls like firewalls (Scarfone, 2015). SIEM products are usually available in various forms with relatively similar capabilities but different cost and performance. The most common forms of SIEM products include hardware appliances, cloud-based, conventional server software, and virtual appliances.
Product Review
One of the most commonly used SIEM products is McAfee, which is positioned as a leader in Gartner Magic Quadrant for Intrusion Prevention Systems (IPS) for the last nine years (Burnham, 2015). McAfee's position as a leader in IPS was determined following an analysis of overall liability, product track record, customer experience, operations and marketing execution, market responsiveness, and sales execution of products within this category. This SIEM product is sold by McAfee, which is a California-based firm that is part of Intel Security (Lawson, Hils & Neiva, 2015). This large security vendor has a significant product portfolio throughout different security locations including server, network, and content. The…
References
Burnham, J. (2015, July 23). Who is a Leader (again) in Gartner's 2015 Magic Quadrant For Security Information Event Management? Retrieved February 28, 2017, from https://securityintelligence.com/ibm-is-a-leader-again-in-2015-gartner-magic-quadrant-for-siem/
Lawson, C., Hils, A. & Neiva, C. (2015, November 16). Magic Quadrant for Intrusion Prevention Systems. Retrieved February 28, 2017, from http://www.ts.avnet.com/it/magic
McAfee. (2016). McAfee Enterprise Security Manager. Retrieved February 28, 2017, from http://www.mcafee.com/us/resources/data-sheets/ds-enterprise-security-manager.pdf
McAfee (n.d.). McAfee Guide to Implementing the 10 Steps to Cyber Security. Retrieved February 28, 2017, from https://www.mcafee.com/hk/resources/white-papers/wp-10-steps-to-cyber-security.pdf
Rouse, M. (2014, December). Security Information and Event Management (SIEM). Retrieved February 28, 2017, from http://searchsecurity.techtarget.com/definition/security-information-and-event-management-SIEM
Scarfone, K. (2015, September). Comparing the Best SIEM Systems on the Market. Retrieved February 28, 2017, from http://searchsecurity.techtarget.com/feature/Comparing-the-best-SIEM-systems-on-the-market
Kaspersky Lab Technology and Product Review for Endpoint Protection Solutions: Kasperksy Lab Whereas technological advancements have presented important advantages for business organisations, they have increased security concerns. Viruses, worms, hacking, identity theft, and other cyber threats have been on the rise, with cyber criminals advancing in skill, expertise, and shrewdness. These threats, which are increasingly targeted at the point of the end user, can result in the loss of critical and confidential
However, cursory studies that have been conducted are either biased because they seem to present a biased review of certain products or are insufficient because of their limitations and shallowness. Those studies that have been considered to be useful are mentioned below. Robert D. Boerner, Joanne Bourquard, Pam Greenberg (2000) comprehensively elaborates the legal aspect of spam. He provides an in-depth review of the present laws in actions and the
Metrics, Implementation, and Enforcement (Security Governance) How can you determine whether there has been a malware outbreak? The threat situation today has become more dangerous than in the past. Security and safety threats have been increasing in an alarming rate; there are more than 70,000 brand new bits of malware recognized daily. Well-funded cybercriminals have been currently making advanced malware that has been made to bypass present security options by launching prior
A Systematic Review of Online Auctions for Fund Raising by Non-Profit Organizations Background Its origin dating back to Babylon in 500 BC auctions account as one of the oldest forms of price determination mechanism in the markets. Auction is negotiation protocols that entail simultaneous bidding with the price determined bidders and products or services allocated based on competition amongst potential buyers (McAfee, 2017). Classifications of Auctions There are four major classifications of auctions formats in
It's a tidal wave that's going to engulf us all within the next five years. Cloud services will be a $160 billion industry by the end of 2011" (Ginovsky 2011, 21). Although the decision to transition from a traditional approach to cloud computing will depend on each organization's unique circumstances, a number of general benefits have been cited for those companies that have made the partial or complete transition to