A Practical Application of SIM/SEM/SIEM Automating Threat Identification

The goal of this paper is to explain how to use a SIEM effectively to identify and respond to security threats. The paper begins with level-setting information, including definitions, capability requirements, architecture and a business case. Later I will cover aggregation and correlation design...
David Swift
May 21, 2007

All papers are copyrighted. No re-posting of papers is permitted