Question

Case Study #4: Technology & Product Review for an SIEM Solution
Case Scenario:
Agile Belair (the “client”) is a high technology company with multiple locations (“satellite campuses”) within a metropolitan area. Due to the sensitive nature of their business and the risk of intellectual property theft, the company needs a robust Security Information and Event Monitoring solution (SIEM) which is capable of detecting and responding to attacks. The company had tried building its own SIEM solution to collect and interpret log files and event data. But, during pilot testing they determined that the product was lacking in its reporting and alerting capabilities. Their custom solution also had problems handling the high volume of event data being reported from its satellite campuses.
The client’s Chief Technology Officer has asked your company to research and recommend a product which will allow them to incorporate a next generation SIEM solution into their multi-campus infrastructure. The CTO specifically wants an SIEM solution that combines real-time monitoring, threat analytics, and event management / reporting.
Research:
1. Review the Week 7 readings.
2. Choose one of the SIEM products from the Gartner Magic Quadrant analyses.
3. Research your chosen product using the vendor’s website and product information brochures.
(Vendors for highly rated products will provide a copy of Gartner’s most recent Magic Quadrant report on their websites but, registration is required.)
4. Find three or more additional sources which provide reviews for (a) your chosen product or (b) general information about SIEM technologies and solutions.
Write:
Write a 3 page summary of your research. At a minimum, your summary must include the following:
1. An introduction or overview for the security technology category (SIEM).
2. A review of the features, capabilities, and deficiencies for your selected vendor and product 3. Discussion of how the selected product could be used by your client to support its cybersecurity objectives by reducing risk, increasing resistance to threats/attacks, decreasing vulnerabilities, etc.
As you write your review, make sure that you address security issues using standard cybersecurity terminology (e.g. 5 Pillars IA, 5 Pillars Information Security). See the resources listed under Course Resources > Cybersecurity Concepts Review for definitions and terminology.
Formatting Instructions
Use standard APA formatting for the MS Word document that you submit to your assignment folder. Formatting requirements and examples are found under Course Resources > APA
Resources.

Solution Preview

This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.

The provided scenario reveals that Agile Belair experiences network security issues in two fields: (a) threat detection and (b) management of incident response. Both problems derive from (1) the incapacity of providing dependable security solutions and (2) scalability difficulties in enterprise environment. In this context, dependable security product has five components: (1) reliability, (2) security, (3) safety, (4) resilience, and (5) availability (Sommersville, 2010, pp. 289-309). QRadar SIEM intends to overcome the current challenges based on its Sense Analytics engine and Security Intelligence module. ...

This is only a preview of the solution. Please use the purchase button to see the entire solution

$35.00

or $1 if you
register a new account!

Assisting Tutor

Related Homework Solutions

Protocol Analyzer Usage & Domain Zone File Example
Homework Solution
$30.00
Wireshark
Protocol
Network
Analyzer
Domain
Zone
File
DNS
Email
Web
Server
Name
Sniffer
Legitimate
Illegitimate
Management
Attacker
Vulnerability
Wareagle
NS
FTP
Two Digital Archaeology Questions
Homework Solution
$15.00
Art
Science
Digital
Forensics
Archaeology
Accurate
Analysis
Exculpatory
Incriminating
Evidence
Acquisition
Preservation
Get help from a qualified tutor
Live Chats