Defeating the Insider Threats with SIEM
To combat increasingly sophisticated and frequent security threats from insiders and outsiders, organizations the world over are deploying Security Information/Event Management (SIEM) solutions. By providing a centralized security intelligence gathering system that spans an enterprise’s critical infrastructure, SIEMs can offer deep visibility into suspicious activity and latent operational problems.
This presentation is designed for individuals who are generally familiar with the concepts of SIEM technology, but are looking to improve their understanding and skills for detecting and defeating insider threats.
This session will:
- Cover the main components of a SIEM deployment and explain the role each plays in gathering the data required for investigations.
- Explain how to utilize SIEM technology to detect and eliminate insider threats.
- Demonstrate how to use SIEM technology to monitor insider activity, including network utilization, web surfing, data leakage, and changes made to critical files.
- Presenting: Brian Albrecht, MIS, CISSP | LogRhythm Inc
- Channel: EC-Council | Security Channel
- Date: Aug 26 2009
- Duration: 2855
- Tags: SIEM, Insider, Threats


