Protect Your Assets

Re: Best practices in Security Operations—Customizations

Keno Domino

SIEM needs some customization or tuning.

 

First, we need to make sure that the correlation engines of the SIEM are really working and can be customized, even if it has specific rules that are built in. Second, the content packs of the SIEM tool should be updated so it will get the latest rule detection, watchlists, alarms, dashboards, global threat intelligence and performance upgrades of the SIEM (event normalization and aggregation). This tool should subscribe to all government CERTs so it will acquire the latest threats to prevent zero-day attacks.

 

 

 

 
