Abstract

An integral part of an enterprise computer security incident response team (CSIRT), the security operations center (SOC) is a centralized unit tasked with real-time monitoring and identification of security incidents. Security information and event management (SIEM) systems are an important tool used in SOCs; they collect security events from many diverse sources in enterprise networks, normalize the events to a common format, store the normalized events for forensic analysis, and correlate the events to identify malicious activities in real time. In this article, the authors discuss the critical role SIEM systems play SOCs, highlight the current operational challenges in effectively using SIEM systems, and describe future technical challenges that SIEM systems must overcome to remain relevant.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
A novel security information and event management system for enhancing cyber security in a hydroelectric dam
Cesario Di Sarno ... Marco Vallini
International Journal of Critical Infrastructure Protection | VOL. 13
Cesario Di Sarno, et. al.Cesario Di Sarno ... Marco Vallini
18 Mar 2016
Problems of implementing SIEM systems in the practice of managing information security of economic entities
V. A. Sizov ... A. D. Kirov
Open Education | VOL. 24
V. A. Sizov, et. al.V. A. Sizov ... A. D. Kirov
10 Mar 2020
Comment on: “Radial head replacement in adults with recent fractures” published by N. Bonnevialle et al. in Orthopaedics & Traumatology: Surgery & Research 2016;102(1 Suppl):S69–79
L Cheng ... H.-T Long
Revue de Chirurgie Orthopedique et Traumatologique | VOL. 102
L Cheng, et. al.L Cheng ... H.-T Long
25 Oct 2016
SPEAR SIEM: A Security Information and Event Management system for the Smart Grid
Panagiotis Radoglou-Grammatikis ... Francisco Ramos
Computer Networks | VOL. 193
Panagiotis Radoglou-Grammatikis, et. al.Panagiotis Radoglou-Grammatikis ... Francisco Ramos
05 Apr 2021
View more papers

More From: IEEE Security & Privacy

Paper Title
Journal
Date
Author
IEEE Computer Society Career Center
-
IEEE Security & Privacy | VOL. -
--
01 Sep 2024
Computing Edge
-
IEEE Security & Privacy | VOL. -
--
01 Sep 2024
Inclusive Privacy and Security
Apu Kapadia ... Yang Wang
IEEE Security & Privacy | VOL. 22
Apu Kapadia, et. al.Apu Kapadia ... Yang Wang
01 Sep 2024
Understanding Phishing Experiences of Screen Reader Users
João Janeiro ... Florian Alt
IEEE Security & Privacy | VOL. 22
João Janeiro, et. al.João Janeiro ... Florian Alt
01 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.