Question

What is an example of an In-house SIEM:? What is an example of an Cloud based...

What is an example of an In-house SIEM:?

What is an example of an Cloud based SIEM:?

What is an example of an Managed SIEM:?

Homework Answers

Answer #1

1.A SIEM (Security Information & Event Management) is a platform for managing security incidents. It allows the collection of system logs and machine data from across your IT environment to help identify unusual or suspicious activity — and then reports an alert in real time if it finds anything suspicious. You can think of a SIEM as a tool that provides a comprehensive view of an organization’s IT security.

In-house SIEM

In this setup, the organization exercises ultimate control on their SIEM solution. They purchase the required hardware and software to implement this solution at their physical facility. As a matter of general practice, SIEM becomes a part of an organization’s Security Operations Center (SOC). An organization can customize this in-house SIEM to meet its security needs and push updates as it wishes.

However, there is no involvement of third-party, and all security-related information remains in-house. The organization becomes solely responsible for integrating an in-house SIEM setup with existing systems, configuring log sources, customizing alerts, and training employees. In-house SIEM setups require a high initial investment and subsequent costs for maintenance, patches, and updates.

Ex: Micro Focus ArcSight ESM.

2.Cloud-based SIEM

This mode has gained significant popularity with the global adoption of cloud computing technology. Cloud-based SIEM solutions are subscription-based, and your responsibilities for maintaining hardware are minimal. Instead of investing a significant amount upfront, organizations have to opt for monthly or annual subscriptions. Customers can decide on the implementation of SIEM for their organization, and there is no reliance on third parties. The trade-off here is the availability of an organization’s security data at locations that are not directly owned or controlled by the organization.

Ex: Sumo Logic

3.Managed SIEM

This model can involve either in-house SIEM or cloud-based SIEM implementation, but with the help of necessary expertise from the service provider. A customer does not need to entirely rely on its internal security team as the vendor would provide support during the implementation. A managed SIEM solution is hosted on the vendor’s server and monitors client network for potential security threats. Primary reasons for choosing managed SIEM solutions are faster deployment, negligible maintenance, flexible pricing options, and availability of SIEM experts on call.

Ex: McAfee Enterprise Security Manager

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
In 2-3 paragraphs, provide an example of a risk in using Cloud services.
In 2-3 paragraphs, provide an example of a risk in using Cloud services.
Cloud-based systems and services are often ideal options for critical parts of a Business Continuity (BC)...
Cloud-based systems and services are often ideal options for critical parts of a Business Continuity (BC) or Disaster Recovery Plan (DRP). Research some of the ways this is being done today. Discuss how cloud-based systems support business continuity. How can potential risks be transferred to cloud providers?
The move for many businesses is to the cloud. Based on your reading, why do think...
The move for many businesses is to the cloud. Based on your reading, why do think this is the trend? What do you suppose some of the impacts of the repeal of Net Neutrality may have on this trend? please give a one page answer description and also provide references
How NIST defined Cloud Computing? What are its five Essential Characteristics, Three service models and four...
How NIST defined Cloud Computing? What are its five Essential Characteristics, Three service models and four deployment models? Explain each one in detail with example.
Users prefer systems that: a. are cloud-based b. are able to provide optimum hardware and software...
Users prefer systems that: a. are cloud-based b. are able to provide optimum hardware and software efficiency c. are oriented to facilitating organizational tasks and solving business problems d. are capable of storing much more data than they need e. work with existing DBMS
What is statistical discrimination? Give a sports-based example.
What is statistical discrimination? Give a sports-based example.
Assume that your company has just licensed a cloud-based SaaS CRM system. Your boss asks you...
Assume that your company has just licensed a cloud-based SaaS CRM system. Your boss asks you what needs to be done to make it operational. Using the SDLC, summarize on one page the work to do to transform that SaaS into a working IS.
What are the advantages and disadvantages of using “Cloud” storage service?
What are the advantages and disadvantages of using “Cloud” storage service?
What are some of the cost management considerations in cloud computing
What are some of the cost management considerations in cloud computing
Key advantages of Cloud-based services include _______________. A. No obsolescene B. Dependency on vendor C. Visibility...
Key advantages of Cloud-based services include _______________. A. No obsolescene B. Dependency on vendor C. Visibility into security and disaster preparedness D. control over data location and security Which of the following is NOT a characteristics of Inter-Enterprise Systems? A. The participating organizations may need to change some of their internal processes, and decisions may be documented in legal contracts. B. They require that participating organizations use the same operating systems for their own applications. C. Healthcare Exchanges and Supply...