Mansurov Alexandr Valerievich (Assistant Professor, Altai State University, Barnaul)
Shabala Egor Evgenevich (Altai State University, Barnaul)
A SIEM system is a necessity for business enterprises to aggregate and process all the data essential for investigating cyber security incidents. Small and medium businesses often cannot bear the costs of commercial SIEM systems, so the only option available is to look for alternatives. In this paper, an open source SIEM system is proposed. The proposed SIEM system is capable of collecting all the data and performing automatic and manual analysis and event correlation, and is thus deemed suitable to act as a competent SIEM system. It provides the necessary analysis tools for effective processing of cyber security incidents and for generating reports and alerts for the cyber security personnel of small and medium business enterprises.
Keywords: SIEM, security incident, Suricata, ELK, Wazuh.
Citation link: Mansurov A. V., Shabala E. E. Deployment of open source SIEM system for small and medium business enterprises // Современная наука: актуальные проблемы теории и практики. Серия: Естественные и Технические Науки. -2020. -№06. -С. 116-122 DOI 10.37882/2223-2966.2020.06.24