The Operational Role of Security Information and Event Management Systems

Cited by: 86
Authors
Bhatt, Sandeep [1]
Manadhata, Pratyusa K. [1]
Zomlot, Loai [1]
Affiliation
[1] Hewlett Packard Labs, Palo Alto, CA 94304 USA
Keywords
INTRUSION DETECTION; ALERT CORRELATION;
DOI
10.1109/MSP.2014.103
CLC classification number
TP [Automation technology, computer technology];
Subject classification number
0812;
Abstract
An integral part of enterprise computer security incident response teams, a security operations center (SOC) monitors security incidents in real time. Security incident and event management systems play a critical role in SOCs, collecting, normalizing, storing, and correlating events to identify malicious activities, but they face operational challenges.
Pages: 35 / 41
Page count: 7