Security Information and Event Management Implementation Guidance

Yushi Shen, Yale Li, Ling Wu, Shaofeng Liu, Qian Wen
ISBN13: 9781466648012|ISBN10: 1466648015|EISBN13: 9781466648029
DOI: 10.4018/978-1-4666-4801-2.ch005

MLA

Yushi Shen, et al. "Security Information and Event Management Implementation Guidance." Enabling the New Era of Cloud Computing: Data Security, Transfer, and Management, IGI Global, 2014, pp.94-115. https://doi.org/10.4018/978-1-4666-4801-2.ch005

APA

Y. Shen, Y. Li, L. Wu, S. Liu, & Q. Wen (2014). Security Information and Event Management Implementation Guidance. IGI Global. https://doi.org/10.4018/978-1-4666-4801-2.ch005

Chicago

Yushi Shen, et al. "Security Information and Event Management Implementation Guidance." In Enabling the New Era of Cloud Computing: Data Security, Transfer, and Management. Hershey, PA: IGI Global, 2014. https://doi.org/10.4018/978-1-4666-4801-2.ch005


Abstract

This chapter presents implementation guidance prepared by the Cloud Security Alliance (CSA) Security as a Service (SecaaS) workgroup, which is made up of users and practitioners in the field of information security. In preparing this implementation guide, input has been sought from experts throughout Europe, the Middle East, and the United States. A lot of professional judgment and experience are applied in the architecture, engineering, and implementation of a Security Information and Event Management (SIEM) guide to ensure that it logs the information necessary to successfully increase visibility and remove ambiguity surrounding the security events and risks that an organization faces. A provider offering SIEM as a service under SecaaS has to be able to accept log and event information, customer information and event feeds, and to conduct information security analysis and correlation and support incident response. Flexible real-time access to SIEM information allows the party consuming the SIEM service to identify threats acting against their cloud environment. This identification then allows the appropriate action and response to be taken to protect against or mitigate the threat. The simple step of increasing visibility and removing ambiguity is a powerful tool for understanding the information security risks that an organization is facing.
