JumpStart Guide for Security Information and Event Management (SIEM) in AWS

  • Wednesday, 28 Aug 2019 1:00PM EDT (28 Aug 2019 17:00 UTC)
  • Speakers: David Aiken, J. Michael Butler, Jay Austad

Security information and event management plays an important role in collecting data on network assets and traffic. That information can then be funneled through security orchestration and automation and response (SOAR) systems to protect network environments both on-premises and in the cloud. This pre-recorded webcast provides guidance on the key issues to consider when choosing SIEM or SOAR products for integration on the AWS platform and suggests a process for making such important decisions.

Attendees at this webcast will learn about:

  • Cloud design considerations affecting the selection and use of SIEM and SOAR technologies
  • Needs and capabilities associated with SIEMs or SOARs with respect to bandwidth, performance affects, logging capabilities and more
  • Key business, technical and operational considerations for SIEM/SOAR implementation
  • Key AWS-specific considerations for enabling effective logging, endpoint protection, forensics, automation and reporting through SOAR systems
  • Process for making an informed decision about products to integrate.

Register for this webcast to be among the first to receive the associated whitepaper written by SANS Analyst and cybersecurity specialist J. Michael Butler.