In this most excellent edition of the Exploring Information Security podcast, I talk with Derek Thomas a senior information security analyst specializing in log management and SIEM on the topic of: "What is a SIEM?"

Derek (@dth0m) has a lot of experience with SIEM and can be found on Linkedin participating in discussions on the technology. I had the opportunity to hang out with Derek at DerbyCon in 2015 and I came away impressed with his knowledge of SIEM. He seemed to be very passionate about the subject and that showed in this interview.

In this episode, we discuss:

• How to pronounce SIEM

• What is a SIEM

• How to use a SIEM

• The biggest challenge using a SIEM

• How to tune the SIEM

• Use cases, use cases, use cases.

More Resources:

• Applied Network Security Monitoring: Collection, Detection, and Analysis by Chris Sanders and Jason Smith

• Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff and Jonathan Ham.

• Logging and Log Management: The Authorative Guide to Understanding the Concepts Surrounding Logging and Log Management by Anton A. Chuvakin and Kevin J. Schmidt

• Anton A. Chuvakin Gartner blog

• Ultimate Windows Security

[RSS Feed] [iTunes]