Badges

40 Points
4 Years

User Activity

About 3 years ago
I would take a long, hard look at IBM QRadar. The user behavior analytics will give you insight into insider activity. You will want to run CIS internals on your endpoints and get detailed logs using their WinCollect server functionality. Using that alongside of something…
Over 3 years ago
Log Management is just that: it looks at logs from devices and attempts to make inferences about security issues from those logs. SIEM technology typically casts a wider net, looking at all types of security events. The best of breed will look at Network flows and events and…
Almost 4 years ago
Other answers pretty much sum this up, but there is one important point to make. In some technology it's important to take into account the number of events that are aggregated and for your SIEM device to be able to treat them as individual events for the purpose of…
Almost 4 years ago
If your environment is complex and you're trading information with people on a fairly open basis, but it needs to be secure, then you should consider QRadar. It has functionality none of the other SIEM solutions come close to offering. The state-of-the-art behavior…
Over 4 years ago

Reviews

Answers

About 3 years ago
Security Information and Event Management (SIEM)
Almost 4 years ago
Security Information and Event Management (SIEM)