Three primary facets pertain to security operations: people, technology, and processes. All three must be in sync and must provide balance and depth for a Security Operations Center (SOC) to be effective. To build efficiencies within a SOC, collaboration and communication are crucial, as many subcomponents are interwoven to maximize the benefits gained in each facet of security operations. Technology plays a significant role because it facilitates the collection of data within a large enterprise organization encompassing a plethora of networked devices. “An effective security monitoring system incorporates data gathered from the continuous monitoring of endpoints (PCs, laptops, mobile devices and servers) as well as networks and log and event sources.” (Torres, 2015) This is where a Security Information and Event Management (SIEM) system applies: it primarily collects data from multiple sources residing within an enterprise, analyzes or correlates the collected information, and then provides reports or alerts based on the set system configuration.
The article that will be discussed throughout this assignment is titled “The Operational Role of Security and Event Management Systems” and asserts that a SOC’s effectiveness is dependent upon the functions of a SIEM system working in harmony with two of the security operations facets (people and processes). Personnel operating in the SOC utilize the information captured and analyzed by the SIEM system to make effective security decisions and assess whether swift action is required to contain the security