RE: SOC and SIEM



I recommend AlienVault if you need a SIEM.


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Kartik.netsec@xxxxxxxxx
Sent: Wednesday, February 01, 2012 12:27 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: SOC and SIEM

A Security Operations Center (SOC) is a department within a company, or often
outsourced, which does (but is not limited to) configuration management and
change management of security devices like firewalls, IDS/IPS, VPN, SIEM, AV etc.
They also perform security incident response and monitor the near real-time
logs with the help of SIEM tools. There may be dedicated teams within a SOC
with different reporting hierarchies for device management and monitoring to
avoid conflict of interest, depending upon contract/legal requirements etc.

A Security Information & Event Management (SIEM) tool is simply a
correlation tool through which the SOC monitors the near real-time logs. It logs
(if working properly :D) qualified events and alerts whenever there is an
incident. It may also create tickets in a local ticketing tool and send email/SMS
alerts when integrated with other tools. You can tweak the tool as per
your requirements.

Thanks,
Kartik, CISSP

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate. We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


