In this most excellent edition of the Exploring Information Security podcast, I talk with Derek Thomas a senior information security analyst specializing in log management and SIEM on the topic of: "What is a SIEM?"

Derek (@dth0m) has a lot of experience with SIEM and can be found on Linkedin participating in discussions on the technology. I had the opportunity to hang out with Derek at DerbyCon in 2015 and I came away impressed with his knowledge of SIEM. He seemed to be very passionate about the subject and that showed in this interview.

In this episode, we discuss:

• How to pronounce SIEM
• What is a SIEM
• How to use a SIEM
• The biggest challenge using a SIEM
• How to tune the SIEM
• Use cases, use cases, use cases.

More Resources:

• Applied Network Security Monitoring: Collection, Detection, and Analysis by Chris Sanders and Jason Smith
• Network Forensics: Tracking Hackers through Cyberspace by Sherri Davidoff and Jonathan Ham.
• Logging and Log Management: The Authorative Guide to Understanding the Concepts Surrounding Logging and Log Management by Anton A. Chuvakin and Kevin J. Schmidt
• Anton A. Chuvakin Gartner blog
• Ultimate Windows Security

[RSS Feed] [iTunes]