System administration
Andrey San, 2014-10-07 14:49:45

Is there a SIEM benchmark?

The company decided to buy a SIEM. In connection with this, I have to provide a comparative analysis of products from leading brands like HP, IBM, etc.
Help me find it, please.

3 answer(s)
Igor K., 2014-11-13
@beloved_kadavr

Comparative analysis based on what criteria? As such, there is no analysis (we read "not in the public domain") - there are many articles on the topic "this is better, this is worse" (Magic Quadrant for Security Information and Event Management sic!). If a comparison is required according to certain technical characteristics, then you can only write it yourself, sorting through many sources and working with test stands. I recently went through this painful process. You can start with these articles: "Overview of SIEM systems"
UPD. I completely forgot about the wonderful, though already old book - David R. Miller <...> Security Information and Event Management (SIEM) Implementation. There is some good food for thought there.

Rushan4eg, 2015-05-17
@Rushan4eg

In 2014, I faced the issue of choosing a SIEM for the Bank (it was just a "working solution" that was needed). In my opinion, ArcSight ESM can be singled out among the leaders (I note that many colleagues complain about support), along with QRadar SIEM and McAfee ESM - but the acquisition and support of these systems are beyond our means. As a result, we settled on a commercial version of the popular OSSIM from AlienVault - Unified Security Management (USM). The system includes a Nessus scanner, IDS (a hybrid of Snort and Suricata) and is able to collect NetFlow streams.

Alistair O, 2016-11-09
@box4

Good afternoon, please tell me what QRadar and ArcSight can do that Zabbix can't?
It collects logs perfectly, works on a trigger condition, and reads any logs.
