Showing posts from November, 2018

SIEM: A rose by any other name

SLM/LMS, SIM, SEM, SEC, SIEM Following is an extract from the AlienVault whitepaper “ SIEM-for-Beginners ” Although the industry has settled on the term ‘SIEM’ as the catch-all term for this type of security software, it evolved from several different (but complementary)    technologies that came before it.     • LMS “Log Management System” – a system that collects and stores log files (from operating systems, applications, etc)     from multiple hosts and systems into a single location, allowing centralized access to logs instead of accessing them from    each system individually.     • SLM /SEM “security Log/Event Management” – an LMs, but marketed towards security analysts instead of system     administrators. SEM is about highlighting log entries as more significant to security than others.     • SIM “security information Management” – an asset Management system, but with features to incorporate security information    too. Hosts may have vulnerability re

What is a CASB (Cloud Access Security Broker)?

Cloud access security brokers (CASB) are on-premises or cloud-hosted software that sit between cloud service consumers and cloud service providers to enforce security, compliance, and governance policies for cloud applications. CASBs help organizations extend the security controls of their on-premises infrastructure to the cloud. Reference: