HPE Software is now Micro Focus
Protect Your Assets

Best practices in Security Operations—Customizations

Re: Best practices in Security Operations—Customizations

SIEM needs some customization or tuning.

 

First, we need to make sure that the correlation engines of the SIEM are really working and can be customized, even if it has specific rules that are built in. Second, the content packs of the SIEM tool should be updated so it will get the latest rule detection, watchlists, alarms, dashboards, global threat intelligence and performance upgrades of the SIEM (event normalization and aggregation). This tool should subscribe to all government CERTs so it will acquire the latest threats to prevent zero-day attacks.

 

 

 

 
