Tuesday, December 5, 2023

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)

Webpage URL: https://airccse.org/journal/ijnsa.html

Exploring Critical Vulnerabilities in SIEM Implementation and SOC Service Procurement: An In-Depth Analysis of High-Risk Scenarios

Ertuğrul AKBAŞ, Istanbul Esenyurt University, Turkey

Abstract

This research paper examines the high risks encountered when using a Security Information and Event Management (SIEM) product or acquiring Security Operations Center (SOC) services. The paper focuses on key challenges such as insufficient logging, the importance of live log retention, scalability concerns, and the critical role of correlation within SIEM. It also emphasizes the significance of compliance with various standards and regulations, as well as industry best practices for effective cybersecurity incident detection, response, and management.

Keywords

SIEM, Security, SOC, Cyber Security, Insufficient logging, Live Log, Hot Log, Log Loss, Correlation

Abstract URL: http://aircconline.com/abstract/ijnsa/v15n6/15623ijnsa01.html

Original Source URL: https://aircconline.com/ijnsa/V15N6/15623ijnsa01.pdf

Volume URL: https://airccse.org/journal/jnsa23_current.html
