Study of challenges faced by Enterprises using Security Information and Event Management (SIEM)

Mukesh Yadav, Department of Computer Engineering SVKM's NMIMS Deemed to be University, Mukesh Patel School Of Technology Management & Engineering, Mumbai, India., Dhirendra S Mishra, Department of Computer Engineering SVKM's NMIMS Deemed to be University, Mukesh Patel School Of Technology Management & Engineering, Mumbai, India.
2021 Journal of University of Shanghai for Science and Technology  
The field of information security plays an important role in education, IT, health domain, etc. Much research has been carried out in order to secure data in hardware, on the cloud, and during transmission over the network. A secure data transmission and securing the stored data is still taken as one of the concerned areas. Cloud-based SIEM is used nowadays, which is the art and science to secure the information of the organization. SIEM is Security Information and Event Management, which means
more » ... securing the organization containing network devices and devices holding critical and sensitive information. In this paper, a survey is carried out to determine the gap in current security providers and areas that need attention. We take logs as input and send them to SIEM for analysis. Whether a SIEM is capable enough to determine the unknown threats and user behavior to identify insider threats. Also, terms such as EPS, False positive Rate, Mean Time to Resolution are used as compassion and aim to keep False positive rate and mean time resolution value low and EPS no restriction.
doi:10.51201/jusst/21/08422 fatcat:eeqy56iga5dbfp2l3uo43zvy5q