SIEM(Security information and events management)

when we want to secure digital assets we used multiple methods tools and secure implementations practices. SIEM solutions provide us deep visibility on our data which exist in different mediums

Comment 2

Inspiration

i got inspiration from opensource community like how they help community by tech evultion on of most my favrt project was linux .. from childhood i played with systems and curious about their backend.. later I pursue my career in cyber security and ethical hacking... our digital data are everywhere even personal private which laid to disaster if it expose. mostly organization using multiple tools and software to secure thier infrastructure and customer data even their personal data too. So for the organization which cant afford costly solution they go for opensource like one SIEM (security information and event management)

What it does

we built siem which gives us deep visibilty and control our data around endpoint and other network devices it push logs into bigdata logstash elk module and then apply rules elasticsearch for anomaly detection and registry watch and other security event

How we built it

we built upon elk stack with integration of wazuh kibana and jira and gmail for more detail look at our documentation currently running out of time sorry just 20 min left and unfornataly we write detail story and mistakenly close window without saving link

Challenges we ran into

opensource are great because free and supported by large community but it comes with complexity understanding multiple techy codes and their work

Accomplishments that we're proud of

we make it easy and automated the whole proccess and we work on it we can even provide free consultancy on siem and how to deploy

What we learned

threats are everywhere there is no bulletproof solution to stop cyber criminals . but we can overcome this issue by regular monitoring and logging every activity in our organisation to prevent in early stage

What's next for SIEM(Security information and events management)

we are going to integrate with UEBA(User and entity behavior analytics) and SOAR(Security orchestration, automation, and response) also strong our AI algorithm to identify and prevent social engineering attack

Built With

Share this project:

Updates