Accés ràpid intranet

Més informació...

a a a
Inici

Deiminari

Títol

Security Information and Event Management (SIEM)

Conferenciant

Pantaleone Nespoli

Professor/a organitzador/a

Javier Parra

Institució

University of Murcia

Data

18-04-2018 11:00

Resum

Cyber-attacks and cyber-criminals have evolved throughout time from mere curiosity and experimentation to sophisticated and professional organizations. Besides enhancing their sophistication, cyber-attacks are no longer a sporadic phenomenon, but rather a continuously ongoing activity. Moreover, with the advent of the Internet of Things (IoT), the attack surfaces have exponentially exploded, providing uncountable attack vectors and vulnerabilities for ill-intentioned users to exploit. Thus, given the sophistication, real-time nature and massive amount of cyber-intrusions, it is unfeasible for a human administrator to manually monitor and handle all these events, making the use of Security Information and Event Management (SIEM) solutions an essential aspect of their daily work. SIEM solutions constitute an ideal aid for sysadmins in order to monitor their systems, gather relevant security information, correlate the registered events, visualize alarms, react to cyber-attacks with certain counter-measures and provide a long-term storing for forensic purposes, amongst other benefits. In this talk, we will show the motivation behind the use of SIEM solutions, explain the concept of SIEM, detail their general architecture and share a comparison of the top most common commercial SIEM solutions in the market.

Lloc

Laboratori 231

Idioma

Angls