Changes to the community structure and the menu bar
Significant changes have happened to the structure of our community and our drop down menu bar. READ ABOUT IT HERE
ArcSight Best Practices
cancel

The importance of being a SIEM Security Use Case

 "Every Journey starts with a single step"

A SIEM Security Use Case is this first single step in the, increasingly more important, task of identifying threats in our corporate environment.

We can define a Use Case as a business requirement or a (security) problem that needs to be solved. In order to solve this problem, SIOC Content Developers and analysts need a starting point, direction, a structure, a metodology, an objective; all these provided by a good Use Case definition process.

Micro Focus provides a good SIEM Use Case template for reference that can be leveraged to build Use Cases to detect different threat vectors that will trigger actionable SIEM alerts withing the SIOC incident response workflow.

Version history
Revision #:
6 of 6
Last update:
‎03-26-2018 05:05 AM
Updated by:
 
0 Kudos
Comments
charles.clawson