Try our new research platform with insights from 80,000+ expert users
2022-03-22T17:37:00Z

Looking for SIEM use cases and triggers

Hi everyone, 

I am looking for SIEM use cases and triggers.

On this thread https://www.peerspot.com/questions/what-are-the-top-use-cases-to-implement-after-deploying-a-siem, @David Swift said he has written SANS papers. I have looked for them (in white papers and gold papers) and cannot find them. Would anybody be able to help please? I found two papers on the wikipedia page, maybe there is more?

Other helpful resources would be good too, if any. Do you know other papers/documents listing SIEM use cases and triggers please?

Thank you for your help.

Kind Regards,

Bertrand

Bertrand - PeerSpot reviewer
  • 2
  • 7
FollowingFollow
Share
PeerSpot user
Buyer's Guide
Security Information and Event Management (SIEM)
March 2025
Get the category report
Helped 842,296 peers since 2012
5

5 Answers

DS
Real User
2022-03-23T17:59:13Z
Mar 23, 2022

You may also want to consider the MITRE ATT&CK framework.


https://attack.mitre.org/

Like(2)
Reply
Search for a product comparison in Security Information and Event Management (SIEM)
Go!
DS
Real User
2022-03-23T17:58:32Z
Mar 23, 2022

Best Practice Papers


Additional detail is available in several public papers vetted by SANS that have become industry best practices.


 A Process for Continuous Security Improvement Using Log Analysis


https://www.sans.org/white-pap...


#33824


 Successful SIEM and Log Management Strategies for Audit and Compliance


https://www.sans.org/white-pap...


#33528


 A Compliance Primer for IT Professionals


https://www.sans.org/white-pap...


#33538


 A Practical Application for SIM/SEM/SIEM Automating Threat Identification



https://www.sans.org/white-pap...


#1781


Like(1)
Reply
Bertrand - PeerSpot reviewer
User
Mar 25, 2022

@David Swift thank you

PeerSpot user
siemusecases - PeerSpot reviewer
User
2022-03-29T10:10:38Z
Mar 29, 2022

https://www.siemusecases.com is the probably the best starting point.

Like(0)
Reply
Bertrand - PeerSpot reviewer
User
2022-03-25T10:39:14Z
Mar 25, 2022

David has answered my question. Thank you!

Like(0)
Reply
EB
Real User
2022-03-23T13:24:49Z
Mar 23, 2022

Hi @David Swift ​and @Chiheb Chebbi, possibly you can help @Bertrand ​in answering their question.


Thanks! 

Like(0)
Reply
Buyer's Guide
Security Information and Event Management (SIEM)
March 2025
Download Free Report
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.
DOWNLOAD NOW
842,296 professionals have used our research since 2012.
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) tools offer comprehensive visibility and management of an organization’s security events through real-time analysis and correlation of data from multiple sources. SIEM solutions provide a centralized platform for managing security alerts and logs from various sources such as network devices, servers, and applications. They help identify and mitigate potential threats by analyzing event data for unusual patterns and correlations. These tools...
Download Security Information and Event Management (SIEM) ReportRead more

Related categories

Log Management
User Entity Behavior Analytics (UEBA)
Endpoint Detection and Response (EDR)

Related Q&As

Feb 5, 2025
Why is Security Information and Event Management (SIEM) important for companies?
Jul 13, 2023
When evaluating Security Information and Event Management (SIEM) Tools, what is the most important aspect to look for?

Related articles

Feb 6, 2025
Top SIEM Solutions & Success Stories: Strengthening Cybersecurity in Diverse Industries

Security Information and Event Management (SIEM) experts

Nagendra Nekkala. - PeerSpot reviewer
Nagendra Nekkala - PeerSpot reviewer
Derrick Brockel - PeerSpot reviewer
ZH
Join the PeerSpot community