User Activity
Over 2 years ago
Contributed a review of IBM Security QRadar: Scalable, easy to use, but lacking features and a modern user interface
About 3 years ago
Replied to Seckin Demir The Math of SIEM Comparison
@Seckin Demir If my comments do not satisfy you about the McAfee SIEM, you can check comments from Gartner
Limited advanced features and add-ons: McAfee lags behind competing SIEM vendors that offer cloud-native SIEM options, ML powered UEBA and SOAR add-on…
Over 3 years ago
Replied to reviewer1469436 Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
@reviewer1469436 Some SIEMs keep data (logs) hot for a long time with minimal disk space. For example, for 10000 EPS and 365 days live (hot), they require 20 TB of disk. This model may be easier than your model and very fast.
Over 3 years ago
Answered a question: How to evaluate SIEM detection rules?
Some examples
https://drertugrulakbas.medium...
Over 3 years ago
Contributed a review of Apache Flink: Easy to use, stable, scalable, and has good community support with a lot of documentation
Over 3 years ago
Replied to Gary Budnick The Math of SIEM Comparison
@Gary Budnick, I think it is not missing. I mentioned their UEBA capability in my article.
Over 3 years ago
Replied to Augusto Barros The Math of SIEM Comparison
@Augusto Barros, my sentence is: "Exabeam and Securonix are UEBA tools. They are not correlation-based solutions". It does not mean that Exabeam and Securonix do not provide the ability to build correlation-based rules. I tried to emphasize their UEBA capability.
Over 3 years ago
Commented on The Math of SIEM Comparison
@CraigHeartwell, thanks for your spelling correction.
ArcSight acquired Interset for ML. Yes, LogRhythm can handle the logic.
The SIEM comparison table has been on my mind for a long time. I published the Turkish version. I need to work on extending it before publishing.
Over 3 years ago
Contributed a review of MySQL: Easy to use, fast, and developer-friendly, but it should have better support for big data
Over 3 years ago
Answered a question: What is the difference between IT event correlation and aggregation?
They are not the same. For event monitoring (log management), aggregation is enough, but if you need correlation, then a SIEM is required. Aggregation means log parsing, and correlation means developing rules to detect attacks.
Over 3 years ago
Replied to John Stanford How to Select the Right SIEM Solution?
@John Stanford, you are right. A good Security Platform includes SIEM, UEBA, NTA, and SOAR. But most of the time, you have a limited budget, and you should select the best solution according to your budget. Especially for small businesses, budget is critical. If there is no…
Over 3 years ago
Replied to Mike Kehoe How to Select the Right SIEM Solution?
@Mike Kehoe There is no technical solution that does not require maintenance. You can outsource it or use a cloud-based solution. If you use a cloud-based solution, you have to check issues like compliance, regulations and ownership of the logs.
Projects
Almost 2 years ago
SureLog SIEM
World's the most economical and technological SIEM solution
Website
http://www.surelogsiem.com
This product is intended for
Cyber Security Specialist, Compliance Manager, Auditor, Cyber Security Consultant, Cyber Security Engineer, Cyber Threat Investigator, Internal Audit…
Reviews
Over 2 years ago
IBM Security QRadar
Over 3 years ago
Apache Flink
Answers
Over 3 years ago
Security Information and Event Management (SIEM)
Over 3 years ago
Event Monitoring
About me
Specialties: SIEM/NMS/Log Management/APM, Understanding the security data, Machine Learning, Anomaly Detection