Author Topic: Are we ready to bid the SIEM farewell?  (Read 29 times)

0 Members and 1 Guest are viewing this topic.

Offline Scarlett

  • Updates Moderator
  • *
  • Posts: 22998
Are we ready to bid the SIEM farewell?
« Reply #1 on: April 20, 2017, 02:17:34 PM »
Are we ready to bid the SIEM farewell?
20 April 2017, 1:18 pm



At this year's Infiltrate Security Conference in Miami, John Grigg walked the audience through a common target network where a known and commonly used SIEM had been integrated in order to show participants how to exploit onto the SIEM, find intel, and cover their tracks.

Though SIEM technologies are supposed to help secure the networks, Grigg said that they are often misconfigured, which creates more vulnerabilities.

Even though some of the legacy tools are pretty cool, Grigg said the problem is that no one really knows the platform that well. "The vendor who built it knows it from a design standpoint. Then there's the re-selllers, the guys who install it, the internal IT guys who inherit the systems, but they tend to never really focus on it." 

To read this article in full or to leave a comment, please click here



Source: Network World Security

>> To obtain the full NetworkWorld Security article, click the link in the first post line <<

 


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques



Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks