Design and Development of a Multi-Tenant SIEM Using Security Onion
Hack In The Box Security Conference via YouTube
Overview
Watch a conference talk from HITB2024BKK that explores the design and implementation of a multi-tenant Security Information and Event Management (SIEM) system built on Security Onion. Learn how to structure management capabilities for Managed Security Service Providers (MSSPs) using open-source SIEM software that lacks native multi-tenant features. Discover solutions for key challenges including tenant-specific user authorization, consolidated alert management across tenants, and rules management that enables both manual and external rule imports. Follow along as the speakers demonstrate a proof-of-concept implementation using Security Onion, including customizations and real-world testing results. Gain insights into system recovery optimization when dealing with virtual machine resource constraints or attacks, and understand how organizations can leverage this open-source approach for their security operations.
Syllabus
#HITB2024BKK #COMMSEC D1: Design and Development of a Multi-Tenant SIEM Using Security Onion
Taught by
Hack In The Box Security Conference