A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is
Effective attack detection and security analytics rely on the availability of timely and fine-grained information about the evolving context of the protected environment. The data handling process entails collection from heterogeneous sources, local aggregation and transformation operations before transmission, and finally collection and delivery to multiple processing engines for analysis and correlation. Many SIEM tools work according to the "funnel" principle: gather as much data as possibledoi:10.5281/zenodo.5156519 fatcat:oonc5rihfrh3lfjmk3oe3hebdm