Appendix B Investigating Insider Threat Using Enterprise Security Management
Solutions in this appendix
What Is ESM?
Enterprise security management (ESM) is a general term that has been applied to security event monitoring and analysis software. There have been plenty of acronyms thrown around over the years to describe these solutions such as:
- SIM Security Information Management
- SEM Security Event Management
- SIEM Security Information and Event Management
- And many others
Regardless of the acronym, the focus of ESM solutions is to allow an analyst to monitor an organization’s infrastructure in real-time regardless of product, ...
Get Cyber Crime Investigations now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.