Appendix B Investigating Insider Threat Using Enterprise Security Management

Solutions in this appendix

What Is ESM?
What Is a Chinese Wall?
Data Sources
Bridging the Chinese Wall: Detection through Convergence
Conclusion

What Is ESM?

Enterprise security management (ESM) is a general term that has been applied to security event monitoring and analysis software. There have been plenty of acronyms thrown around over the years to describe these solutions such as:

SIM Security Information Management
SEM Security Event Management
SIEM Security Information and Event Management
And many others

Regardless of the acronym, the focus of ESM solutions is to allow an analyst to monitor an organization’s infrastructure in real-time regardless of product, ...

Get Cyber Crime Investigations now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cyber Crime Investigations by James Steele, Anthony Reyes, Richard Brittson, Kevin O'Shea

What Is ESM?

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly