***Welcome to ashrafedu.blogspot.com * * * This website is maintained by ASHRAF***

Posts

    Latest Updates

    Wednesday, May 25, 2022

    Security information management

    Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs and various other data sources.

    Security information management (SIM) is software that automates the collection of event log data from security devices such as firewalls, proxy servers, intrusion detection systems and anti-virus software. This data is then translated into correlated and simplified formats.

    SIM systems keep track and show the activity analytics of the system events as they happen. They translate events data gathered from many resources into a general and simplified format. Usually, the data is translated into an XML file.

    SIM systems collect and coordinate data from various resources in such a way that helps administrators to recognize the real threats and false positives on the system. False positives mean events that seem to be a major threat but in reality it’s not a threat.

    As soon as suspicious activities occur, the SIM tool responds to the event by sending alerts to administrators of organizations and by generating reports and graphical representations such as charts and graphs.

    The reports generated by SIM systems are typically used to:  

    1. Detect unauthorized access as well as modifications to files and data breaches.
    2. Identify data trends that can be leveraged potentially by business organizations for their progression.
    3. They are also used to identify network behavior and assess performance.

    Reports are a critical part of any SIM program. A reliable SIM tool will generate regular reports, often in visual formats such as graphs or charts. Security personnel can use these reports to detect security events, identify suspicious behaviors, and detect and address ongoing threats.

    No comments:

    Post a Comment

    Network session analysis

    Network session analysis Network session analysis is a method of monitoring network activity and availability to identify issues, such as ...