50 minutes | Online
Craig Bowser, Federal Practice Director, Data Analytics, GuidePoint Security
Implementing a logging solution covers more than just ensuring enough storage for all the data an organization wants to save. It involves taking a holistic view of the entire process used to collect, filter, route, enhance, index, and age out the logs, events, and alerts collected from all the devices, applications, and systems across an enterprise. Often organizations only consider some of these items relevant and thus end up with inefficiencies or missing data or duplicate data. The goal of this talk is to provide a framework for an organization to review, determine what parts are applicable, and then apply those parts to either a new or current implementation. This will give that organization a roadmap to build a mature SIEM that dramatically improves their security posture.
