The Math of SIEM Analysis: Evaluation of Key Next-Gen SIEM Features using Validation
Published: 2023
Author(s) Name: Ertugrul AKBAS
Author(s) Affiliation: Computer Engineering Department, Istanbul Esenyurt University, Istanbul, Turkey.
Abstract
Security Information and Event Management (SIEM) systems occupy a central position in contemporary cybersecurity: they collect, correlate, and analyse large volumes of security data. As threats evolve, demand for Next-Generation SIEMs (NG-SIEMs), which offer extended functionality and more sophisticated capabilities for a changing threat landscape, has grown markedly. This manuscript proposes a systematic method for comparing key NG-SIEM features through validation. Given a structured basis for such comparisons, organizations can select the NG-SIEM solution best suited to their specific security needs. The methodology identifies the advanced features in question and analyses them in detail in real-world scenarios. Through validation and real-world simulation, the research aims to establish the practical effectiveness of NG-SIEMs across diverse cybersecurity environments. By bridging the gap between a feature's theoretical description and its practical applicability, the study contributes to the understanding of NG-SIEM capabilities, and the insights derived from these analyses serve as guides for organizations seeking to strengthen their security posture against the increasingly sophisticated cyber threats of the modern digital era.
Keywords: SIEM, Correlation engine, Log retention.