The most effective way to deploy SIEM

February 16, 2011 10:30 am Published by David Spark

The problem with many SIEM deployments is they’re purchased, acquired and absorbed, but not operationalized, said Anton Chuvakin of Security Warrior Consulting. SIEM or Security Information and Event Management is the use of technology to collect data from different systems and study what it means. Chuvakin explained that compliance, such as PCI, requires users to not only deploy a solution, but to actually touch and look at the data in at least a daily manner.

Chuvakin also offered up some advice on the most effective way to deploy SIEM within an organization so as to get “quick wins” and be very effective in your phased deployment.

Tags: RSA, RSA Conference, Security B-Sides, SIEM

Categories: Log Management and SIEM, PCI, Regulatory Compliance

---

This post was written by…

David Spark has contributed 142 posts to The State of Security.

Twitter @dspark

Google+ David Spark

Contact David Spark

David Spark is a veteran tech journalist and founder of Spark Media Solutions, a media consulting and production company. Acting as the "media" of "social media," Spark Media Solutions helps its clients be seen as leading voices in their field through brand-quality media production and distribution through top tier media channels.