A Practical Application of SIM/SEM/SIEM: Automating Threat Identification
The goal of this paper is to explain how to use a SIEM effectively to identify and respond to security threats. The paper begins with level-setting information, including definitions, capability requirements, architecture and a business case. Later I will cover aggregation and correlation design...