Can implementing an SIEM solution in the network provides you an effective protection against the security threats? The answer is ‘Yes’ and ‘No’. Yes because, SIEM solution if implemented and managed properly, then of course there will be significant improvement in the security posture of your environment. Then why ‘No’, because the solution needs to be implemented and managed effectively. Effectiveness of the solution depends on the way of implementation. Googling for SIEM implementation and use cases will not be effective since one size does not fit for all. The solution should be implemented after understanding the client requirement, criticality of the devices, nature of the business and the level of security that the client is expecting. Rules, Processes, Dashboard, reports everything should be customized with respect to the client.
Explore the full article in attached pdf.