PCQuest – Aujas Live Webinar – Is SIEM Dead or Evolving as a Platform

Is SIEM dead or evolving as a platform

Traditional SIEM, which provides log collection, rule-based correlation and workflow management, is no longer effective in detecting advanced attacks. The advent of analytics, automation of threat intelligence and improvement in collaboration raises the question of whether SIEM is dead or evolving into a platform. In this webinar we will look at the evolution of SIEM into an integrated platform that provides network anomaly detection, analytics, and threat intelligence integration and automation. We will also look at a framework for managing a next generation SOC to detect advanced attacks, and at how to monitor and improve it to keep abreast of the latest attacks and keep pace with the changing threat landscape.

Key learning:

Attend this session to hear directly from Chandra Prakash Suryawanshi, SVP and Head of Aujas for India and APAC on:

  • The threat landscape and how existing monitoring and response capabilities are ineffective in detecting and responding to advanced attacks
  • How an integrated approach can improve monitoring capabilities and prepare an organization for detecting and responding to advanced attacks
  • How analytics and intelligence can be added to a security monitoring program
  • The concept of a Co-Managed SOC and its benefits in managing next generation SOC capabilities

Background:

SIEM technology is good for collecting logs from disparate systems and aids in correlation and compliance, but it is limited in its analytical capability for threat detection, automation of runbooks, forensics and its ability to keep pace with business use cases. Lastly, it is unable to query retained collections for performing analysis.

Next Generation SOC

A Next Generation SOC builds on SIEM as a platform, with the ability to perform analytics on large volumes of data, both logs and transactional, and to provide visualization capabilities. It integrates with the organization's Vulnerability Management system to provide a view of critical assets, vulnerabilities, threat data and incidents in order to prioritize remediation. It also automates threat intelligence feeds for actionables and takes feeds from multiple point security tools to provide a single pane of glass for security posture.

Next Generation SOCs are proactive, leverage multiple detective and monitoring capabilities, work with known and unknown threats and have the ability to automate incident validation and responses.

This is a continuous process. Effective monitoring and management of technology, use cases, analytical capabilities, responses and simulations are at the heart of running a successful next generation SOC. Learn what it takes to stay ahead of the latest advanced threats and stay protected.