SIEM Usage

From Glitchdata
(Redirected from Category:SIEM Usage)
Jump to navigation Jump to search

  • Develop Use Cases
    • Implementing a security information and event management (SIEM) process helps ensure that incidents are correctly identified and handled appropriately.
    • Because an SIEM process depends on log analysis based on predefined rules, the most effective way to reduce false-positive alerts is to develop use cases for known threats to identified critical systems.
    • The use cases would then be used to develop appropriate rules for the SIEM solution.