O'Reilly logo

Digital Forensics and Incident Response by Gerard Johansen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security information and event management system

A significant challenge that a great many organizations have is the nature of logging on network devices. With limited space, log files are often rolled over, where the new log files are written over older log files. The result is that in some cases, an organization may only have a few days or even a few hours of important logs. If a potential incident happened several weeks ago, the incident response personnel will be without critical pieces of evidence.

One tool that has been embraced by a number of enterprises is a Security Information and Event Management (SIEM) system. These appliances have the ability to aggregate log and event data from network sources and combine them into a single ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required