SEM comes of age
Nicely written article on the emergence of Security Event Management (SEM) technology in todays secured infrastructure. SEM technology is moving beyond log correlation to help architects mitigate attacks, address compliance reporting needs, and monitor critical assets. (click on graphic for larger version)
While SEM systems still emphasize log correlation, vendors are adding new functions such as real-time incident response and long-term data storage. Other products are blending network behavior anomaly detection and real-time passive network monitoring with log correlation to provide insight into activity on the network and monitor changes to essential business assets. These new features can help security architects better respond to attacks and unusual events, meet the demands of compliance reporting, and more quickly detect unwanted changes to critical business systems.
While SEM systems still emphasize log correlation, vendors are adding new functions such as real-time incident response and long-term data storage. Other products are blending network behavior anomaly detection and real-time passive network monitoring with log correlation to provide insight into activity on the network and monitor changes to essential business assets. These new features can help security architects better respond to attacks and unusual events, meet the demands of compliance reporting, and more quickly detect unwanted changes to critical business systems.
CATEGORIES: 1SEM, 1SIM, 1compliance, 1logging, 1correlation,1article,1vendors,1compliance
0 Comments:
Post a Comment
<< Home