Decrypting the security mystery with SIEM (Part 2)
EventLog Analyzer
Siddharth Sharathkumar
Security and Auditing
One SIEM solution to rule them all.
GUARDING NETWORK PERIMETER
Auditing your network devices
Is someone accessing something they shouldn't be allowed to?
Denied connections
Traffic allowed
Firewall rule change
But how?
SECURING BUSINESS CRITICAL APPLICATIONS
Comprehensively audit web server errors
Request access to web server
Request failed
Too many errors?
Bad gateway errors?
Do I need to revamp my resources?
Or is someone up to no good?
Repeated requests
CUSTOM LOG PARSER
Threat Intelligence
You shall not pass
YOU SHALL NOT PASS!!!
Preventive security solutions alone aren't going to be enough
Backtracking a security attack
THANK YOU
Queries?