From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing

Security information and event management

- [Instructor] Now, you know that log files are an important security control because they allow IT professionals to detect suspicious activity taking place on their systems, networks, and applications. However, if you're like most security professionals, you simply don't have the time to do a thorough job of reviewing those detailed logs. There are just far too many log entries generated by systems every day, and trudging through them would be tedious, mind-numbing work. Now fortunately for us, computers are very good at tedious work, and most organizations now go beyond the simple reporting and alerting mechanisms that I discussed in the last video and apply artificial intelligence approaches to the problem of security log analysis. Security information and event management, or SIEM, systems have two major functions on an enterprise network. First, they act as a central secure collection point for log entries from a…
