Is This Thing On? How To Test Your SIEM

Logo
Presented by

Andrew (AJ) King, CISO, BreachQuest & Amanda Berlin, Sr. Incident Detection Engineer, Blumira

About this talk

How can you make sure that your SIEM will alert you about security threats when they inevitably appear in your environment? A SIEM’s true value lies in its detections; by aggregating, analyzing and correlating your logs, you can identify potential security issues. When these detections fail, you may not identify a compromise early enough to prevent a major security event like a ransomware attack or data breach. Join Andrew AJ King, CISO of BreachQuest, along with Blumira’s Amanda Berlin, Sr. Incident Detection Engineer and Erica Mixon, Content Marketing Manager, as they go through ways to test your SIEM. They’ll cover: - The process of testing for detections, such as users with non-expiring passwords - The benefits of using red team or pentest to actively test detections - Best practices and tools to make SIEM testing easier

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (5)
Subscribers (333)
Blumira’s automated detection and response platform enables faster resolution of threats to help stop attacks and prevent breaches. Try it free today: blumira.com/trial