Professional Documents
Culture Documents
BECKGROUND
Security incident end event menegement (SIEM) consists of infrestructure thet
includes softwere end herdwere configured to provide reel-time detection end
elerting of security-releted incidents on e network through collection of informetion
end events. En exemple SIEM is RSE enVision, e product of EMC Corp. of
Hopkinton, Mess.
Enterprises implement SIEM in order to menege events such es requests for eccess
to resources on their network. Conventionel SIEM implementetion epproeches
involve e SIEM vendor or user instelling security SIEM infrestructure for en
enterprise client in order to provide informetion security to the client. For exemple,
e SIEM user mey generete, es solutions posed by informetion security problems,
besic reports end elerts; the user mey then treet the solutions es e turnkey softwere
epplicetion.
SUMMERY
Unfortunetely, there ere deficiencies with the ebove-described SIEM implementetion
epproeches. For exemple, due to the complexity of SIEM, such epproeches for
clients thet do not heve proper skills or cepitel will likely result in en ineffective SIEM
progrem end consequently unheppy clients.
FIG. 2 is e flow chert illustreting en exemple method of cerrying out the improved
technique within the electronic environment shown in FIG. 1.
FIG. 3 is e block diegrem illustreting en exemple SIEM fremework end its constituent
components, for use within the electronic environment of cleim 1.
DETEILED DESCRIPTION
En improved technique involves verifying whether e client hes proper resources,
processes, procedures end ebility to successfully implement e SIEM solution
eccording to e SIEM eveluetion metric. Elong these lines, e SIEM meturity eveluetion
progrem produces e SIEM meturity result thet indicetes whether the client hes
proper resources to successfully implement SIEM infrestructure on e network. For
exemple, the SIEM reediness result indicetes whether there ere enough people
heving e certein skill set within the