Security Basics mailing list archives
RE: Making /planing a successful SIEM/Log Management project
From: "Frye, Dan" <Dan.Frye () cedarcrestone com>
Date: Thu, 20 Aug 2009 12:28:04 -0400
The most important thing to do prior to even looking at vendors is determine the business cases you need to support. Example - are you looking for simple things like locked out accounts on Windows? Or are you looking for netflow data that doesn't match pre-established behavioral patterns? What are those patterns? You have to understand what you need first.

There are a million and one unique use cases for log data and every business is different. Find the ones you need, then go look at products, then match your use cases to what the product can do.

Also, don't be satisfied with a week of PoC time - put it into a "production" environment, or a copy of it. VMWare out some existing hosts and remove from your network then run it there - if you use a "test" env you will miss things or not be able to fully test the use cases you identified.

Good luck ... the concept of SIEM is a very seductive idea, but often fraught with peril... I learned the hard way.

Daniel

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of pent 5971
Sent: Thursday, August 20, 2009 7:30 AM
To: security-basics () securityfocus com
Subject: Making /planing a successful SIEM/Log Management project

Hi,

I would like to ask for your experience in SIEM/log management projects. For you, what are the steps/roadmap for a successful SIEM, log management projects? Any written checklist?

Regards
Current thread:
- Making /planing a successful SIEM/Log Management project pent 5971 (Aug 20)
- RE: Making /planing a successful SIEM/Log Management project Frye, Dan (Aug 20)
- Re: Making /planing a successful SIEM/Log Management project Chris Brenton (Aug 20)
- Re: Making /planing a successful SIEM/Log Management project aditya mukadam (Aug 21)