Security Information and Event Management (SIEM)


Pantaleone Nespoli

Organizing professor: Javier Parra

University of Murcia

18-04-2018 11:00

Cyber-attacks and cyber-criminals have evolved over time from mere curiosity and experimentation into sophisticated, professional organizations. Besides growing in sophistication, cyber-attacks are no longer a sporadic phenomenon but a continuously ongoing activity. Moreover, with the advent of the Internet of Things (IoT), the attack surface has grown exponentially, offering countless attack vectors and vulnerabilities for ill-intentioned users to exploit. Given the sophistication, real-time nature and sheer volume of cyber-intrusions, it is unfeasible for a human administrator to manually monitor and handle all of these events, which makes Security Information and Event Management (SIEM) solutions an essential part of their daily work. SIEM solutions are an ideal aid for sysadmins: they monitor systems, gather relevant security information, correlate the registered events, visualize alarms, react to cyber-attacks with counter-measures and provide long-term storage for forensic purposes, among other benefits. In this talk, we will present the motivation behind the use of SIEM solutions, explain the concept of SIEM, detail their general architecture and share a comparison of the most common commercial SIEM solutions on the market.


Laboratory 231