All Questions (7 questions)
1 vote, 0 answers, 76 views
Security Incident Response Tracking [closed]
Besides Security IR tracking & workflow that is available in SIEM platforms, what are other tools that can do this such as standalone products like ServiceNow SIR or Everbridge xmatters? I found ...
3 votes, 4 answers, 952 views
SOC and generic log parsing
I am making a conceptual workflow of a SOC, so suppose that a SIEM solution is integrated inside an organization's in-house SOC. Also, if the SOC team is the one managing the SIEM ...
7 votes, 4 answers, 23k views
What is the difference between a SIEM and a SOC?
What is the difference between a SIEM (Security Information and Event Management) and a SOC (Security Operations Centre)?
Do they work together? And if independent when to use which?
0 votes, 3 answers, 358 views
What is the difference between Compliance and Auditing in Information Security?
I am a student working on my semester project and it's about developing a SIEM solution with Big Data tools to be used in a SOC (security operations centre) and I know that collecting logs can be used ...
5 votes, 2 answers, 731 views
Incident Responders: Can you give some examples of Incidents / types of incidents that are suitable for fully or partly automated response? [closed]
You set up security monitoring - either a full commercial SIEM/SOC or something home-cooked (e.g., rsyslog -> OSSIM / MozDef / Splunk / ...).
You also set up some rules so that some event triage is ...
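The two questions above (generic log parsing in a SOC, and which triage steps can be automated) both come down to the same mechanics: normalise heterogeneous log lines into one event schema, then run a rule over the normalised events that decides whether a finding can be actioned automatically or needs a human. The block below is an added example, not code from any of the questions or from the tools they name. The log lines are constructed; the sshd syslog and Snort "fast" alert layouts are simplified approximations of the real formats, the rule SID 1000001 is a local placeholder, and the threshold and the block/ticket actions are assumptions chosen for illustration.

```python
"""Normalise mixed security logs into one schema and triage them.

Added example: parsers for a host syslog source (sshd) and a network IDS
source (Snort-style fast alerts), followed by a correlation rule that only
auto-blocks when both sources agree. All sample lines are constructed.
"""
import re
from collections import Counter
from typing import Optional

# Constructed sample input: three sshd failures and one success from a host,
# one NIDS alert for the same attacker, and a cron line the parser must skip.
SAMPLE_LOGS = [
    "Mar  3 10:15:01 bastion sshd[2211]: Failed password for root from 203.0.113.9 port 51234 ssh2",
    "Mar  3 10:15:03 bastion sshd[2213]: Failed password for admin from 203.0.113.9 port 51240 ssh2",
    "Mar  3 10:15:04 bastion sshd[2215]: Failed password for invalid user test from 203.0.113.9 port 51244 ssh2",
    "Mar  3 10:15:09 bastion sshd[2219]: Accepted publickey for ops from 198.51.100.7 port 40022 ssh2",
    "03/03-10:15:05.123456  [**] [1:1000001:1] LOCAL SSH scan (constructed rule) [**] "
    "[Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.9:51250 -> 192.0.2.10:22",
    "Mar  3 10:15:10 bastion CRON[2222]: (root) CMD (run-parts /etc/cron.hourly)",
]

# Simplified sshd/syslog and Snort fast-alert layouts (assumption, see lead-in).
SSH_FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")
SSH_ACCEPTED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<src>\S+) port \d+")
SNORT_FAST = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\] \[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\] (?P<msg>.*?) \[\*\*\]"
    r".*?\[Priority: (?P<prio>\d+)\] \{(?P<proto>\w+)\} "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)")


def normalize(line: str) -> Optional[dict]:
    """Map one raw line onto the common event schema; None if no parser matches.

    Schema: source, category, host, src_ip, user, severity, message (+ sid for IDS).
    """
    m = SSH_FAILED.match(line)
    if m:
        return {"source": "syslog", "category": "auth_failure", "host": m["host"],
                "src_ip": m["src"], "user": m["user"], "severity": "low",
                "message": "Failed password"}
    m = SSH_ACCEPTED.match(line)
    if m:
        return {"source": "syslog", "category": "auth_success", "host": m["host"],
                "src_ip": m["src"], "user": m["user"], "severity": "info",
                "message": f"Accepted {m['method']}"}
    m = SNORT_FAST.match(line)
    if m:
        return {"source": "nids", "category": "ids_alert", "host": m["dst"],
                "src_ip": m["src"], "user": None,
                "severity": "high" if int(m["prio"]) == 1 else "medium",
                "message": m["msg"], "sid": int(m["sid"])}
    return None  # unparsed lines are dropped here; a real pipeline would count them


def normalize_all(lines) -> list:
    """Parse every line, silently skipping those no parser understands."""
    return [e for e in (normalize(ln) for ln in lines) if e is not None]


def triage(events, threshold: int = 3) -> list:
    """Brute-force rule: N+ SSH failures from one source is a finding.

    The response tier is the point of the example: a host-only signal opens a
    ticket for an analyst, while the same source also firing a NIDS alert is
    treated as corroborated and eligible for an automated block (assumption).
    """
    failures = Counter(e["src_ip"] for e in events if e["category"] == "auth_failure")
    nids_sources = {e["src_ip"] for e in events if e["category"] == "ids_alert"}
    findings = []
    for src, n in sorted(failures.items()):
        if n < threshold:
            continue
        corroborated = src in nids_sources
        findings.append({"rule": "ssh_bruteforce", "src_ip": src, "failed_logins": n,
                         "corroborated_by_nids": corroborated,
                         "severity": "high" if corroborated else "medium",
                         "action": "block_src" if corroborated else "open_ticket"})
    return findings


if __name__ == "__main__":
    for finding in triage(normalize_all(SAMPLE_LOGS)):
        print(finding)
```

The split between `normalize` and `triage` is the part worth copying: every source-specific regex lives in the parser, so the rule only ever sees the common schema and does not need to change when a new log source (an OSSEC alert, a VPN log) is added. The corroboration step is also why the NIDS/HIDS-plus-SIEM question answers itself: a single source justifies a ticket, two independent sources agreeing is what makes an automated action defensible.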
1 vote, 1 answer, 1k views
Are SIEM and NIDS/HIDS complementary?
I would just like to have your feedback if you have been involved with Security Information and Event Management.
From your experience, do we have to add a SIEM to an existing NIDS (snort) and HIDS (ossec)...
7 votes, 1 answer, 2k views
Security Operation Center (SOC) [closed]
I am looking for resources and details on establishing a security operation center (SoC) or network operation center (NoC) based on ITIL or any other applicable regulations. Where can I find good ...