Overview
Explore the latest trends in Security Information and Event Management (SIEM) in this GrrCon 2018 conference talk. Delve into key concepts including SIEM, triage, security analytics, and data science. Trace the evolution from SIEM 1.0 to SIEM 2.0, and examine the potential future of SIEM 3.0 or Next Gen SIEM. Investigate topics such as Netflow, full packet capture, enterprise logging layers, cloud-based infrastructure, SaaS SIEM, and Managed Security Services (MSS). Learn about data science-based correlations, data lakes, digital transformation, and the MITRE ATT&CK Framework. Gain insights into the future of SIEM and participate in a Q&A session to further your understanding of these critical security concepts.
Syllabus
Intro
Background
Concepts - SIEM
Concepts - Triage
Concepts - Security Analytics
Concepts - Data Science
2018 Trends and Observations
SIEM 1.0 - SIEM 2.0
SIEM 3.0? Next Gen SIEM? (Cont.)
Netflow and Full Packet Capture
Enterprise Logging Layer (Unified Logging)
Cloud Shared Responsibilities Model
Cloud Based Infrastructure
SaaS SIEM
Managed Security Services (MSS)
Data Science Based Correlations
Data Lakes
Digital Transformation
MITRE ATT&CK Framework
What does the future look like?
What does the future look like? (Cont.)
Questions?