Badges

190 Points
6 Years
Top 5

User Activity

25 days ago
They are not the same. For event monitoring (log management), aggregation is enough, but if you need correlation, then a SIEM is required. Aggregation means log parsing, and correlation means developing rules to detect attacks.
About 1 month ago
@John Stanford, you are right. A good Security Platform includes SIEM, UEBA, NTA, and SOAR. But most of the time, you have a limited budget, and you should select the best solution according to your budget. Especially for small businesses, budget is critical. If there is no…
About 1 month ago
@Mike Kehoe There is no technical solution that does not require maintenance. You can outsource it or use a cloud-based solution. If you use a cloud-based solution, you have to check issues like compliance, regulations and ownership of the logs.

About me

Specialties: SIEM/NMS/Log Management/APM, understanding the security data,