Local InfoSec professionals showed up for another fantastic RISE meeting. Jared Register presented “Log Aggregation vs SIEM” and provided some fantastic demonstrations. Special thanks to Sycom Technologies for their support in hosting this event. Click through for a link to the video!
Logs. We’ve talked about them in several presentations. “Maintenance, Monitoring, and Analysis of Audit Logs” is one of the basic CIS security controls. Security administrators have many choices in tools that handle logs, but do you really understand the purpose, function, and use case for each? What makes a “log aggregation” tool and a Security Information and Event Management (SIEM) tool different? When would you use one over the other?
Virginia Tech is hosting SANS SEC555 “SIEM with Tactical Analytics” at the Blacksburg campus March 11-15, 2019. This lab-heavy course prepares students to use SOF-ELK, a SANS-sponsored free SIEM solution, to turn log data into useful information. Deep discounts are available for students and state government employees. Follow the link for course info and registration!