“Did you ever experience the challenge to identify the adequate SIEM use cases to fulfil not only the compliance driven requirements but also the ability to have a high security detection coverage from day one? How can you ensure you will detect all attacks respectively you collect, and analysis all required events to identify anomalies?
We will introduce a comprehensive approach to directly address the challenge of SIEM use case identification and selection. In addition, we explain the answer of the problem of having a high detection maturity from day one with still a price efficient strategy and the capability to scale easily. Moreover, we present a recommended solution method to respond to attacks immediately, focused to the origin of the attack and to be able to collect all relevant data for additional investigations.”