Building SIEM for Today’s Threat Landscape
2021-05-21 18:25

In its early days, SIEM was shaped by new compliance drivers that dominated the era, like PCI or HIPAA. In more recent years, SIEM has evolved to handle the convergence of platforms while accelerating threat detection against sophisticated ransomware and malware.

Why SIEM is an Ideal Setup, Now More Than Ever

SIEM software uses analytics engines to match events against an organization's policies.

When SIEM identifies a threat through network-security monitoring, it generates an alert and defines a threat level based on predetermined rules.

To avoid alert fatigue, ensure that analytics, threat intelligence and behavior-profiling are a part of your SIEM mix.
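As an added example (not from the original article), the following Python sketch shows predetermined rules turning raw events into a single alert per source with a threat level, with a threat-intelligence match raising that level. The events, addresses, thresholds and function names are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): (time, source IP, user, outcome).
EVENTS = [
    ("2021-05-21T09:00:00", "192.0.2.33", "carol", "fail"),
    ("2021-05-21T09:10:00", "192.0.2.33", "carol", "fail"),
    ("2021-05-21T09:20:00", "192.0.2.33", "carol", "fail"),
    ("2021-05-21T09:21:00", "192.0.2.33", "carol", "success"),
    ("2021-05-21T10:00:00", "203.0.113.50", "svc-backup", "fail"),
    ("2021-05-21T10:00:20", "203.0.113.50", "svc-backup", "fail"),
    ("2021-05-21T10:00:40", "203.0.113.50", "svc-backup", "fail"),
    ("2021-05-21T10:01:00", "203.0.113.50", "svc-backup", "fail"),
    ("2021-05-21T10:01:30", "203.0.113.50", "svc-backup", "success"),
    ("2021-05-21T10:02:00", "198.51.100.7", "alice", "fail"),
    ("2021-05-21T10:02:10", "198.51.100.7", "alice", "fail"),
    ("2021-05-21T10:02:25", "198.51.100.7", "alice", "fail"),
    ("2021-05-21T10:03:00", "198.51.100.7", "alice", "success"),
    ("2021-05-21T10:04:00", "192.0.2.10", "bob", "fail"),
    ("2021-05-21T10:04:10", "192.0.2.10", "bob", "success"),
]
THREAT_INTEL = {"203.0.113.50"}  # constructed intel feed (documentation range)
WINDOW = timedelta(minutes=5)    # predetermined rule: correlation window
THRESHOLD = 3                    # predetermined rule: failures before a success

def correlate(events, intel=THREAT_INTEL):
    """One alert per source: >= THRESHOLD failures inside WINDOW, then a success."""
    failures = defaultdict(list)  # source -> timestamps of recent failures
    alerts = {}
    for ts, src, user, outcome in sorted(events):
        now = datetime.fromisoformat(ts)
        # Drop failures that have aged out of the correlation window.
        recent = failures[src] = [f for f in failures[src] if now - f <= WINDOW]
        if outcome == "fail":
            recent.append(now)
        elif outcome == "success" and len(recent) >= THRESHOLD:
            # Threat level is fixed by rule: an intel match raises it.
            level = "high" if src in intel else "medium"
            alerts.setdefault(src, {"source": src, "user": user, "time": ts,
                                    "level": level, "failures": len(recent)})
            recent.clear()
    return list(alerts.values())

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

The single mistyped password from 192.0.2.10 and the slow, spread-out failures from 192.0.2.33 produce no alert, which is the kind of filtering that keeps alert volume manageable.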

Beyond using AI and machine learning for better correlations and alerts, most SIEM systems also have a threat-detection element that monitors emails, cloud resources, applications, external threat intelligence sources and endpoints.

Proper SIEM setup today means you'll be prepared for the next evolution and whatever challenges it may bring.


News URL

https://threatpost.com/building-siem-threat-landscape/166390/