O'Reilly logo

Enterprise Security: A Data-Centric Approach to Securing the Enterprise by Aaron Woody

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security Information and Event Management

SIEM or Security Information and Event Management has been mentioned a few times in the earlier sections and is gaining tremendous traction in security monitoring as the central intelligence of security operations. The primary benefit of SIEM is the ability to assimilate security and log data from disparate systems, analyze it all, and provide correlated output to security analysts.

Up to this point, disparate systems and their unique monitoring capabilities have been discussed, but those are all single intelligence, incomplete views of the complete flow of traffic as it traverses a network. A firewall, for instance, only inspects what is coming and going at the edge of the network, but has no cognizance ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required