Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Wednesday, November 17, 2010

Analysis of state-of-the-art of Event Management/SIEM Solutions

I am interested in public documentation providing reviews of the state of the art in Event Management/SIEM solutions.

In particular I am looking at how the following critical aspects are supported:
  • Scalability: how these solutions scale in the case of complex organisations, supply chains and future utilisation of IT infrastructure/services in the cloud;
  • Comprehensiveness of the type of data that can actually be gathered and stored;
  • Support for unstructured event data: how unstructured data is managed and processed by these systems;
  • Type of supported data mining, correlations and deductions;
  • How cultural and human behaviours are factored in/taken into account by the event management system;
  • How compliance, governance and incident management processes are affected by introducing these solutions.

I am interested in exploring how HPL Security Analytics can be of help in investigating different investment options and providing strategic decision support.

The above information would be extremely valuable to build grounded models and related simulations.

--- Posted by Marco Casassa Mont ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---
