Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Sunday, August 14, 2011

Security Analytics applied to Security Event & Incident Management Processes

I just finished carrying out a case study with a key HP customer, involving the usage of the HP Security Analytics methodology for risk assessment and productivity analysis of their Security Event and Incident Management Processes.

This is a complex area that goes beyond the simple usage of Security Event & Incident Management (SIEM) solutions and involves people, skills and processes to analyse events and identify false positives and/or security incidents to remediate. These processes are very important to minimise organisations’ exposure to additional security risks.

The case study has been successful. Models and simulations identified (and provided evidence about) key process bottlenecks and root causes of risk exposure. A full Security Analytics report has been produced for the customer.

Template Security Analytics models and result diagrams have also been produced, in order to support a repeatable analytics service for other customers.

This Security Analytics area is now ready to be offered as a service.


--- Posted by Marco Casassa Mont ---

--- NOTE: use this mirror blog if you prefer posting on an external blog site ---
