SIEM Use Case Implementation and Tuning Process - Anton Chuvakin

Time to touch the main challenge: SIEM use case implementation / refinement process [also applicable to other monitoring technologies, like UBA / UEBA]. In our seminal paper on the topic, “Security Information and Event Management Architecture and Operational Processes”, (did I mention that it exud…