SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Rasika Somasiri, cyber security expert at PA Consulting, reports.
SIEM tools are one of the cornerstones of an effective SOC monitoring capability. They work by performing real-time analysis of data feeds from applications and infrastructure, correlating that data and alerting analysts when they identify events of interest.
These alerts might point to a breach that is happening or, even better, help to predict one, and trigger your response processes.
If you are responsible for security in a medium or large organisation and think you need a SIEM, you probably do – in fact, you probably have one already.
Alongside your SIEM, you probably have a range of additional tools that provide security alerts...
Ultimately, if you have a small team and a manageable number of alerts, you probably don’t need SOAR. If your team is larger, and if it is having trouble keeping on top of the alerts it receives, you probably do.
Source: ComputerWeekly.com