
Check Point launches Infinity SOC cybersecurity solution

Technically, a SIEM system collects information from all kinds of elements of the IT infrastructure, including personal computers, servers and routers, as well as from other information security systems: antivirus software, firewalls, IPS/IDS and so on. The ability to analyze the processes taking place throughout the network creates the prerequisites for identifying correlations between suspicious events. In the event of a real attack, the detailed information and action guidelines that some systems provide help the responsible employees respond more quickly to changes in the situation, such as attempts to penetrate the network, transfers of confidential information, intensifying DDoS attacks, and so on.
What is required to use SIEM?
SIEM is a complex tool that improves the quality of monitoring of IT assets and of the operation of information security tools. However, to use the system, the company needs a working information security service. SIEM expands the analytical capabilities of other tools, but it requires employees to have a ready-made threat model, and that model differs from industry to industry.