All Questions
1 vote
0 answers
76 views

Security Incident Response Tracking [closed]

Besides Security IR tracking & workflow that is available in SIEM platforms, what are other tools that can do this such as standalone products like ServiceNow SIR or Everbridge xmatters? I found ...
asked by Scott
3 votes
4 answers
952 views

SOC and generic log parsing

I am making a conceptual work-flow of a SOC so if we suppose that a SIEM solution is integrated inside an organization's in-house SOC. Also, if the team of the SOC is the one managing the SIEM ...
asked by Hilo21
7 votes
4 answers
23k views

What is the difference between a SIEM and a SOC?

What is the difference between a SIEM (Security Information and Event Management) and a SOC (Security Operations Centre)? Do they work together? And if independent when to use which?
asked by whatever489
0 votes
3 answers
358 views

What is the difference between Compliance and Auditing in Information Security?

I am a student working on my semester project and it's about developing a SIEM solution with Big Data tools to be used in a SOC (security operations centre) and I know that collecting logs can be used ...
asked by Hilo21
5 votes
2 answers
731 views

Incident Responders: Can you give some examples of Incidents / types of incidents that are suitable for fully or partly automated response? [closed]

You set up security monitoring - either a full commercial SIEM/SOC or something home-cooked (e.g., rsyslog -> OSSIM / MozDef / Splunk / ...). You also set up some rules so that some event triage is ...
asked by Sas3
1 vote
1 answer
1k views

Are SIEM and NIDS/HIDS complementary?

I just would like to have your feedback if you were involved with Security Information and Event Management. From your experience, do we have to add a SIEM to an existing NIDS (snort) and HIDS (ossec)...
asked by phackt
7 votes
1 answer
2k views

Security Operation Center (SOC) [closed]

I am looking for resources and details on establishing a security operation center (SoC) or network operation center (NoC) based on ITIL or any other applicable regulations. Where can I find good ...
asked by Yasser Sobhdel