Abstract
Today, computer networks face heavily documented security issues, making it impractical to manage them without Security Information and Event Management (SIEM). A SIEM solution places controls throughout the environment and enhances information security by recording data from various devices and applications through agents or over the network. It protects data by aggregating it, provides filtering and normalization of redundant information, some of it proprietary, and uses context to analyze it. The SIEM solution provides threat detection and real-time analysis of system activity, alerting operators in the event of an attack. Although high-quality SIEM solutions exist, success cannot be guaranteed. Instead, organizations should focus on a variety of use cases to implement their SIEM solutions effectively. The integrity of operating system components also needs care: these components are controlled to optimize system security, and attackers will always try to manipulate or alter them to achieve their goals. System files are common targets for attackers, and file integrity monitoring tools are often used to detect malicious changes to these important files. In this project we developed a comprehensive security solution that combines a Security Information and Event Management (SIEM) framework with a File Integrity Monitoring (FIM) tool to optimize the security posture of IT projects. Our SIEM project uses Azure Monitoring Agent to collect data from a virtual machine and ingest it into the Log Analytics Workspace. The FIM component is implemented by a Python script designed to scan multiple directories and files. The script initially stores the hashes of all monitored files in a baseline file named “baseline.txt” and creates backups of the original files. These backups are periodically updated, with old backups being deleted.
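The baseline-and-compare step described in the abstract, as an added example that is not the authors' script. The choice of SHA-256, the tab-separated layout of baseline.txt, the `backup` folder keyed by digest, and the function names are assumptions; `state_dir` must sit outside the monitored directories.

```python
import hashlib
import os
import shutil

BASELINE_NAME = "baseline.txt"  # file name taken from the abstract

def sha256_of(path):
    """Hash a file in chunks so large files do not load into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def scan(directories):
    """Return {absolute path: sha256} for every regular file under the directories."""
    hashes = {}
    for root_dir in directories:
        for folder, _subdirs, names in os.walk(root_dir):
            for name in names:
                path = os.path.abspath(os.path.join(folder, name))
                if os.path.isfile(path) and not os.path.islink(path):
                    hashes[path] = sha256_of(path)
    return hashes

def write_baseline(directories, state_dir):
    """Record hashes in baseline.txt and copy each file into a fresh backup folder."""
    hashes = scan(directories)
    backup_dir = os.path.join(state_dir, "backup")  # assumed layout
    shutil.rmtree(backup_dir, ignore_errors=True)  # the old backup is deleted
    os.makedirs(backup_dir)
    with open(os.path.join(state_dir, BASELINE_NAME), "w", encoding="utf-8") as out:
        for path, digest in sorted(hashes.items()):
            out.write(f"{digest}\t{path}\n")
            shutil.copy2(path, os.path.join(backup_dir, digest))
    return hashes

def check(directories, state_dir):
    """Compare the current state with baseline.txt; return (modified, added, deleted)."""
    baseline = {}
    with open(os.path.join(state_dir, BASELINE_NAME), encoding="utf-8") as src:
        for line in src:
            digest, path = line.rstrip("\n").split("\t", 1)
            baseline[path] = digest
    current = scan(directories)
    modified = sorted(p for p in current if p in baseline and current[p] != baseline[p])
    added = sorted(p for p in current if p not in baseline)
    deleted = sorted(p for p in baseline if p not in current)
    return modified, added, deleted
```

A baseline is only as trustworthy as its storage: anyone who can rewrite baseline.txt can hide a change, so keep `state_dir` writable only by the monitoring account.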
More From: International Journal of Scientific Research in Science and Technology