From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 4 Incident Management

Security information and event management

- [Instructor] Now, you know that log files are an important security control because they allow IT professionals to detect suspicious activity taking place on their systems, networks, and applications. However, if you're like most security professionals, you simply don't have the time to do a thorough job of reviewing those detailed logs. There are just far too many log entries generated by systems every day, and trudging through them would be tedious, mind-numbing work. Now, fortunately for us, computers are very good at tedious work, and most organizations now go beyond the simple reporting and alerting mechanisms that I discussed in the last video and apply artificial intelligence approaches to the problem of security log analysis. Security information and event management, or SIEM systems, have two major functions on an enterprise network. First, they act as a central, secure collection point for log entries from…
