Try our new research platform with insights from 80,000+ expert users

Looking for SIEM use cases and triggers

Hi everyone,

I am looking for SIEM use cases and triggers.

On this thread https://www.peerspot.com/questions/what-are-the-top-use-cases-to-implement-after-deploying-a-siem, @David Swift said he has written SANS papers. I have looked for them (in white papers and gold papers) and cannot find them. Would anybody be able to help please? I found two papers on the wikipedia page, maybe there is more?

Other helpful resources would be good too, if any. Do you know other papers/documents listing SIEM use cases and triggers please?

Thank you for your help.

Kind Regards,

Bertrand

Works

2
11

Security Information and Event Management (SIEM)

Get the category report

Helped 816,192 peers since 2012

5 Answers

Last answered Mar 29, 2022

DS

Works

Real User

Mar 23, 2022

You may also want to consider the MITRE ATT&CK framework.

https://attack.mitre.org/

Search for a product comparison in Security Information and Event Management (SIEM)

DS

Works

Real User

Mar 23, 2022

Best Practice Papers

Additional detail is available in several public papers vetted by SANS that have become industry best practices.

 A Process for Continuous Security Improvement Using Log Analysis

https://www.sans.org/white-pap...

#33824

 Successful SIEM and Log Management Strategies for Audit and Compliance

https://www.sans.org/white-pap...

#33528

 A Compliance Primer for IT Professionals

https://www.sans.org/white-pap...

#33538

 A Practical Application for SIM/SEM/SIEM Automating Threat Identification

https://www.sans.org/white-pap...

#1781

Works

User

Mar 25, 2022

@David Swift thank you

Works at a consultancy with 51-200 employees

User

Mar 29, 2022

https://www.siemusecases.com is the probably the best starting point.

Works

User

Mar 25, 2022

David has answered my question. Thank you!

EB

Director of Community at PeerSpot (formerly IT Central Station)

Community Manager

Mar 23, 2022

Hi @David Swift and @Chiheb Chebbi, possibly you can help @Bertrand in answering their question.

Thanks!

Security Information and Event Management (SIEM)

Download Free Report

Find out what your peers are saying about Splunk, Microsoft, Wazuh and others in Security Information and Event Management (SIEM). Updated: November 2024.

816,192 professionals have used our research since 2012.

Related categories

User Entity Behavior Analytics (UEBA)

Endpoint Detection and Response (EDR)

Related Q&As

Sep 18, 2024

Why is Security Information and Event Management (SIEM) important for companies?

Jul 13, 2023

Why is Security Information and Event Management (SIEM) important for companies?

Related articles

Mar 19, 2024

Top SIEM Solutions & Success Stories: Strengthening Cybersecurity in Diverse Industries

Jan 24, 2023

Features of Today's SIEMs – Requirements for Today’s Attacks and Breaches

Security Information and Event Management (SIEM) experts

Nagendra Nekkala.

Senior Manager ICT & at Bangalore International Airport Limited

Olajide Olusegun

Network Team Lead at Atlas Security

Nagendra Nekkala

Senior Manager ICT & Innovations at Bangalore International Airport Limited

Prateek Agarwal

Manager at a tech company with 201-500 employees

Security Engineer-DevSecOps at a computer software company with 51-200 employees

Derrick Brockel

Senior Manager of Operations at a comms service provider with 10,001+ employees

JA

Technical Architect at Orange España

reviewer1319712

Systems Engineer at a tech services company with 11-50 employees

Join the PeerSpot community