What is SIEM vs SIAM?

SIEM vs SIAM

SIEM: Security Information and Event Management (SIEM) is a software solution that aggregates and analyzes activity from many different resources across your entire IT infrastructure.

How does SIEM work?

It works by collecting log and event data generated by an organization's applications, security devices and host systems, and bringing it together into a single centralized platform. SIEM gathers data from antivirus events, firewall logs and other locations, and sorts this data into categories, for example malware activity, failed logins and successful logins.

A SIEM tool identifies threats through network security monitoring: it generates an alert and assigns a threat level based on a predetermined rule set. For example, if a user tries to log into an account 10 times in 10 minutes, that is okay, but 100 times in 10 minutes might be flagged as an attempted attack.

In this way, it detects threats and creates security alerts. SIEM's custom dashboards and event management system improve investigative efficiency and reduce time wasted on false positives.
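The login-rate rule described above (10 attempts in 10 minutes is fine, 100 in 10 minutes is flagged), written as a sliding-window correlation rule. This is an added example, not part of the original post; the log line format, field names and sample events are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)
THRESHOLD = 100  # attempts per window, taken from the example in the text


def parse_event(line):
    """Parse 'timestamp source user outcome' (a constructed, simplified format)."""
    ts, source, user, outcome = line.split()
    return datetime.fromisoformat(ts), source, user, outcome


def detect_login_bursts(lines, window=WINDOW, threshold=THRESHOLD):
    """Return one alert per user per burst of >= threshold attempts within window."""
    recent = defaultdict(deque)   # user -> timestamps still inside the window
    alerting = set()              # users already alerted for the current burst
    alerts = []
    # Events arrive from several sources, so order them by time before correlating.
    for ts, source, user, _ in sorted(map(parse_event, lines)):
        q = recent[user]
        q.append(ts)
        while ts - q[0] >= window:        # drop attempts older than the window
            q.popleft()
        if len(q) < threshold:
            alerting.discard(user)        # burst is over, re-arm the rule
        elif user not in alerting:
            alerting.add(user)
            alerts.append({"user": user, "time": ts,
                           "attempts": len(q), "source": source})
    return alerts


def sample_log():
    """Constructed events: three users with different login rates."""
    base = datetime(2024, 1, 1, 9, 0, 0)

    def line(offset, source, user):
        return f"{(base + offset).isoformat()} {source} {user} login_failed"

    log = [line(timedelta(minutes=i), "vpn", "alice") for i in range(10)]         # 10 in 10 min
    log += [line(timedelta(seconds=3 * i), "webapp", "bob") for i in range(100)]  # 100 in 5 min
    log += [line(timedelta(minutes=i), "ssh", "carol") for i in range(100)]       # 100 in 100 min
    return log


if __name__ == "__main__":
    for alert in detect_login_bursts(sample_log()):
        print(alert)
```

Only the user with 100 attempts inside one 10-minute window is flagged; the same 100 attempts spread over 100 minutes never fill the window, which is why the rule is stated as a rate and not a total.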

The threat detection element itself can help to detect threats in emails, cloud resources, applications, external threat intelligence sources and endpoints. This can include user and entity behaviour analytics (UEBA) which analyzes behaviours and activities to monitor for abnormal behaviours which could indicate a threat. It can also detect behaviour anomalies, lateral movement and compromised accounts.

Main features of SIEM

  • Threat Detection
  • Investigation
  • Time to respond

SIAM: Service Integration and Management (SIAM) is an approach to managing multiple suppliers of services (business services as well as information technology services) and integrating them to provide a single business-facing IT organization.

If you want to know more about it, just drop an email to info@doctoolss.com or contact the undersigned.

About DocTooLss :

“We make Technology EaZy via Docs”

Follow us @doctools8 | Website: www.doctoolss.com| Tumblr: https://www.tumblr.com/blog/doctoolss | Medium: https://medium.com/@doctoolss| Facebook: https://www.facebook.com/DTdoctoolss/| Linkedin: https://www.linkedin.com/in/doc-tools-a302311a9/ | WordPress: https://doctoolss.wordpress.com/

What is Hardware Security?

Hardware Security

To understand hardware security, let's first look at what is covered under it here:

  • Mobile Device Security (MDS)
  • IoT Security
  • Vulnerable Device Lists
  • Physical Security
  • Drones and Vehicles
  • SCADA
  • BIOS and UEFI
  • Self-Encrypting Drives
  • Hardware Security Module

Mobile Device Security (MDS)

When we first insert a SIM (Subscriber Identity Module) into a mobile phone, a pop-up message asks for a SIM PIN. The PIN acts as a SIM locking mechanism and protects one's information, such as SMS text messages, contact lists and subscriber information.

IoT Security

To learn about IoT security, please see our previous blog post.

Physical Security

This covers lockdown cables for laptops and computers, and securing the servers. There are also locked server room racks.

Drones and Vehicles

Drones are considered to be normal aircraft fitted with cameras. The firmware in a drone has geo-fencing software. Vehicles have internal networks; the crucial functions of a vehicle run over one called the “Controller Area Network (CAN)”.

SCADA

This stands for Supervisory Control and Data Acquisition. It is used to control industrial processes, such as manufacturing or critical infrastructure like water, electricity and oil refineries, and consists of both hardware and software to make all this happen. Some protocols also work with it, such as DNP3 and T101.

BIOS and UEFI

A web page labeled “BIOS Simulator Center” opens in a web browser. It contains a sample simulator labelled “Lenovo BIOS Setup Utility”. It is divided into two parts, i.e. a menu bar and a content pane.

Self-Encrypting Drives

This provides protection at the hardware level for the data stored on a drive if the drive, or the device housing the drive, is lost or stolen. Depending on the configuration of the self-encrypting drive, it might not require any user interaction after it is configured.

Hardware Security Module (HSM)

It provides protection and storage for cryptographic secrets at the hardware or firmware level and supports hardware crypto processing. HSMs are FIPS 140-2 compliant, which means that they comply with US government security standards for cryptographic modules.
