SIEM

Security Information Event Management Information

The promise of SIEM is the consolidation of all relevant Security Event Logs from disparate sources into a single unified and normalized data store. This provides the opportunity to:

• Simplify compliance monitoring/reporting
• Vastly improve Incident Detection & Incident Response
• Contextualize event information with other business relevant information (e.g., CMDB/Vulnerability data)

Pivot Point Security has helped dozens of organizations ranging from small community banks to one of the world’s largest telecomm companies leverage SIEM to improve their security postures and demonstrate compliance with critical laws and regulations. Major SIEM successes include:

• Developed a custom SIEM solution for one of the world’s largest Telecommunications Service providers to meet the organizations unique requirements. The system is architected to 3 Billion events/day and has been continuously operable for 7+ years.

• Developed a custom SIEM Solution for multiple Managed Security Service Providers to meet the diverse and varying requirements of their disparate client bases.

• Implemented Novell Sentinel for one of the world’s largest Hospitality companies in support of their PCI and Sarbanes Oxley compliance requirements.

Our current emphasis is on Novell Sentinel and OSSIM, however, our experience extends across Cisco Mars, RSA Envision, Sentinel, OSSIM, & OSCAR.

SIEM is also commonly referred to as SIM (Security Information Management) and SEM (Security Event Management). 

SIEM Downloadable Resources

• SIEM: 5 Best Practices for Implementation Success
• Whitepaper: Best Practices for SIEM Success
• SIEM Storage Requirement Calculator
• Simplify Security Event Management With OSCAR

SIEM Articles

• Security Event Management Demo at MSPWorld
• SIEM And Log Managers Are A Lot Like Cars
• Is Trustwave Trustworthy? (A Guide to Security Audit Best Practices)
• Log Consolidation or SIEM? (BOTH !!!!)
• “So Devin … is OSSIM Awesome?”