Security Information and Event Management (SIEM) systems have two major functions on an enterprise network. They serve as a centralized collection point for log entries, and perform correlation of events across diverse systems. In this video, learn about the important role that SIEMs play in an organization's cybersecurity program.
- [Instructor] You already know that log files are an important security control, allowing IT professionals to detect suspicious activity taking place on their systems, networks and applications. However, if you're like most security professionals you simply don't have the time to do a thorough job of reviewing those logs. There are far too many log entries generated by systems every day and trudging through them would be tedious, mind-numbing work. Fortunately, computers are very good at tedious work and most organizations now go beyond the simple reporting and alerting mechanisms that are described in the last video and apply artificial intelligence-based approaches to the problem of security log analysis.
Security Information and Event Management, or SIEM systems, have two major functions on an enterprise network. First, they act as a central, secure collection point for log entries. Administrators configure all of their systems, network devices and applications to send log records directly to the SIEM and the SIEM stores them in a secure fashion,…
- Risk management actions
- Ongoing risk management
- Risk management frameworks
- Scanning for threats and vulnerabilities
- Advanced vulnerability scanning
- Monitoring log files
- Code review and code tests
- Test coverage analysis
Skill Level Intermediate
Q: This course was updated on 05/18/2018. What changed?
A: New videos were added that cover identifying threats, understanding attacks, technology and process remediation, remediating vulnerabilities, and security monitoring. In addition, the following topics were updated: risk management and monitoring log files.
Insights from a Cybersecurity Professional with Mike Chapple, 32m 15s, Intermediate
1. Risk Management
2. Threat Modeling
3. Threat Assessment
4. Remediating Vulnerabilities
5. Security Monitoring
6. Software Testing