Jeffrey Robinette's Professional Profile

Badges

User Activity

Over 5 years ago

Answered a question: Which would you recommend, SolarWinds LEM or Splunk?

I've been able to correlate across devices and logs using nDepth in SolarWinds LEM. Many people don't realize SolarWinds has a Log analyzer, ie LEM. Most know about NPM and SAM, which should be part of your Security Tool box as well. You can see denial attacks in NPM, my old…

Almost 6 years ago

Answered a question: When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?

Ease of deployment and building dashboards for people to use. Usability is a big issue for me. No product is good unless people can use it. I like out of the box dashboards. I also like to deploy from a central console. The issue of storage and parsing can be solved thru…

About 6 years ago

Answered a question: What Solution for SIEM is Best To Be NIST 800-171 Compliant?

My understanding is SolarWinds LEM is NIST 800-171. As mentioned above, several of these products do a great job, so it comes down to cost and how much time you want to spend on getting it to run and creating dashboards. SolarWinds LEM has a good out of the box Dashboard and…

About 6 years ago

Answered a question: Which would you recommend to your boss, IBM QRadar or Splunk?

I have no experience with IBM QRadar but if it comes with a built in dash board like SolarWinds LEM or Oracle Vault it would be one step up. If we could tie this into the other IBM analytical tools that would be awesome Splunk is splunk. It does the job and allows for…

Over 6 years ago

Contributed a review of SolarWinds Security Event Manager : Allows us to monitor access and pull cyber reports quickly. No more searching through logs on each server.