Defeating the Insider Threats with SIEM

Presented by

Brian Albrecht, MIS, CISSP | LogRhythm Inc

About this talk

To combat increasingly sophisticated and frequent security threats from insiders and outsiders, organizations the world over are deploying Security Information/Event Management (SIEM) solutions. By providing a centralized security intelligence gathering system that spans an enterprise’s critical infrastructure, SIEMs can offer deep visibility into suspicious activity and latent operational problems.

This presentation is designed for individuals who are generally familiar with the concepts of SIEM technology, but are looking to improve their understanding and skills for detecting and defeating insider threats.

This session will:

- Cover the main components of a SIEM deployment and explain the role each plays in gathering the data required for investigations.
- Explain how to utilize SIEM technology to detect and eliminate insider threats.
- Demonstrate how to use SIEM technology to monitor insider activity, including network utilization, web surfing, data leakage, and changes made to critical files.

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world-famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/Licensed Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.