Coming apart at the SIEMs …

Security Information and Event Management (SIEM) systems are all the rage at the moment – and with good cause. As you are all aware, one item of data does not a case make, it is the combination & correlation between

Timeline Analysis – A One Page Guide

First published February 2010 by Darren Quick. Comments and suggestions may be sent to darren_q@hotmail.com. Prepare: The scope of the request determines the data to be collected, such as within a specific timeframe, and data of relevance such as specific

Intrusion Detection System Logs as Evidence and Legal Aspects

First published January 2007. Fahmid Imtiaz, School of Computer and Information Science, Edith Cowan University. E-mail: fimtiaz@student.ecu.edu.au. Abstract: Modern techniques and methodologies for detecting attacks and malicious activities on computers and networks have evolved a lot over the last couple

The need for effective event management

First published November 2006, courtesy of GFI Software – www.gfi.com. Introduction: Underrated, undervalued and underutilized; events management is most often rated as a tedious and ungrateful task. System administrators shy away from event logs and the events contained within, citing