Information Security Research Library

Powered by Bitpipe.com

ABSTRACT:

Information security teams that have worked with SIEM systems are likely used to using them to gather disparate security data to identify trends and spot dangerous activity. However, leading security organizations are adopting new approaches that take advantage of SIEM technology to spot indicators of potential attacks. In this presentation, learn how SIEM can be used to proactively identify potential attacks by incorporating techniques from artificial intelligence, machine learning and attack modeling; how to configure, tune and manage a SIEM for this purpose; and how to avoid common difficulties such as false positives. Other points of emphasis will include:

  • Discussion of attack pattern recognition; establishing and flagging pattern deviations
  • Comparison of point-based anomaly detection techniques vs. time-series analysis
  • Methods for avoiding unnecessary remediation activities using event pattern circumstance recognition

(THIS RESOURCE IS NO LONGER AVAILABLE.)

Bitpipe Definitions: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Other

What's Popular at Bitpipe? Daily Top 50 Reports | Daily Top 100 Topics | Popular Report Topics

Information Security Research Library Copyright © 1998-2014 Bitpipe, Inc. All Rights Reserved.

Designated trademarks and brands are the property of their respective owners.

Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy.