Local InfoSec professionals showed up for another fantastic RISE meeting. Jared Register presented Log Aggregation vs SIEM and provided some fantastic demonstrations. Special thanks to Sycom Technologies for their support in hosting this event. Click through for link to the video!
Logs. We’ve talked about them in several presentations. “Maintenance, Monitoring, and Analysis of audit logs” is one of the basic CIS security controls. Security administrators have many choices in tools that handle logs, but do you really understand the purpose, function, and use case for each? What makes a “log aggregation” tool and a Security Information and Event Management (SIEM) tool different? When would you use one over the other?