Implementing SIEM(Security Information and Environment Management) in Microsoft Azure

Abstract

Abstract: In an increasingly interconnected and digital world, the need for robust cybersecurity measures is paramount. Cyberattacks can therefore occur upon any device at any moment of time in order to steal the sensitive information of the user or can result in identity theft and cyberbullying. There are varieties of attacks that may occur without the user being aware about the same that their computer has been attacked and the hacker has overall access of their data. Also, a user cannot sit in front of their device throughout their life to monitor and protect any type of cyberattack. Therefore, in order to solve the following problems and to enhance the overall security and accuracy of safeguarding the device and its data, we implement our project Security Information and Environment Management (SIEM) system within the Microsoft Azure cloud ecosystem. SIEM plays a critical role in monitoring, detecting, and responding to security threats, making it a crucial component of any organization's cybersecurity strategy. To view the notification of the attack for a user and all its details, we therefore connect the SIEM implementations and logs over Microsoft Azure platform, and generate the same with the help of a command-shell Windows PowerShell.