I can't even manage my Windows Logs on one PC, let alone think about managing any network, especially of this importance, without a SIEM.
Jeff ! !
We are equally pleased with LEM. As we all know (CUs, that is)... every year the questions mount on analysis and monitoring from our regulators.
Great write up for you... nice work thecommodorekid
Thanks, I didn't write up the Case Study, just posted it because I personally had been digging through my Windows logs trying to figure a problem out when I posted that out of frustration.
Because when you stop and think about the DLP potential from just 1 device, or not monitoring and catching things quick enough heading out the front door via encrypted DNS queries, you do start to realize why they say the average breach is almost a year before it is recognized. Then you have to determine how they got in, what is missing or altered, have they gone lateral, are there any back doors or other footholds to let themselves right back in.
I worry about the SMBs and CUs that might not have a SIEM in place yet or have the capability to configure, tune, and monitor it. They say that 95% of the US economy are SMBs for instance "they say" that the focus is on medical records for now, etc... How large is your primary care physician's IT staff? InfoSec Staff? Gets your attention.
Thanks for the positive feedback, and keep those doors locked and ports battened down. Looks like a "Hard Rain's a going to fall."
Before we see sunshine all the time. :-)