White Paper
A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security
Many organizations today are so compliance-focused that they take a bare minimum security approach to securing the organization's sensitive data. They simply purchase an SIEM and/or log management solution and view that as sufficient. What they're really doing is making sure they can check a compliance checkbox for regulations and standards like PCI, ISO 27001, NERC, and others that have log management or SIEM-related requirements. In reality, they're neither truly compliant nor secure.
In this white paper, Dr. Anton Chuvakin, recognized security and compliance expert and author of the blog "Security Warrior," describes practical steps organizations can take to not only gain compliance from their SIEM and log management solution purchases, but also improve security.
Specifically, Dr. Chuvakin explains:
- The current trend toward bare minimum security
- The purpose of an SIEM solution versus a log management solution
- How to determine which solution you need based on the problem you are solving
- The compliance requirements various regulations and standards have around log management and SIEM
- Practical steps for gaining security as a byproduct of compliance efforts
- Mistakes to avoid when using an SIEM solution for compliance
Related Tripwire Resources You Might Be Interested In:
- 10 Steps to Better Security Incident Detection Watch
- Pulling the Plug on Legacy Log Management Read
- Take Control of your IT Security and Compliance without the Complexity of Traditional SIM Systems Watch
- Proactive Visibility: Striking the Balance Between Insight and Control Watch
- For PCI, the Future is Now Read
- Hassle-free Compliance Read
- Tripwire Log Center: Next Generation Log and Event Management Read
- Smart, Visible and Automated: The New Log Management Read
Sign In
to register for this White Paper