ArcSight Best Practices

The importance of being a SIEM Security Use Case

 "Every Journey starts with a single step"

A SIEM Security Use Case is this first single step in the increasingly important task of identifying threats in our corporate environment.

We can define a Use Case as a business requirement or a (security) problem that needs to be solved. To solve this problem, SIOC Content Developers and analysts need a starting point, a direction, a structure, a methodology and an objective, all of which are provided by a good Use Case definition process.

Micro Focus provides a good SIEM Use Case template for reference. It can be leveraged to build Use Cases that detect different threat vectors and trigger actionable SIEM alerts within the SIOC incident response workflow.

Version history: Revision 6 of 6. Last update: 03-26-2018 05:05 AM