SIEM is effectively used by organizations in the following areas.
- Log Mangement
- Detecting and responding to security events
- Protecting confidential and private data (fraud detection)
- Vulnerability Analytics
- Security and forensic analysis
- Automating security operations
- Monitoring internal & external threats
- Tracking user activity - end user behavior
- Monitoring IT staff/administrator behavior
- Meeting corporate governance initiatives
- Complying with government and industry regulations
- Risk Analysis
- Network operations, Performance monitors & optimization
- Asset Management, Capacity or resource planning
- Configuration Change Audit
- Optimizing traffic , bandwidth monitoring
- Network behavior anomaly (NBA) detection
- Troubleshooting IT problems
- Service level/performance management
- Business Analysis
- Centralized Management Analytics
- Compliance Automation
- Audit Gap Analysis
Article Source: http://EzineArticles.com/2954394
沒有留言:
張貼留言