Security information and event manager with ticketing system

Date of Publication

2012

Document Type

Bachelor's Thesis

Degree Name

Bachelor of Science in Computer Science

College

College of Computer Studies

Department/Unit

Computer Science

Thesis Adviser

Isaac Herculano S. Sabas

Defense Panel Member

Gregory G. Cu
Francis P. Lai
Arlyn Verina L. Ong

Abstract/Summary

With today’s need for increased security, more and more security devices are being integrated into enterprise networks. This makes reviewing logs from the different network devices in the network a tedious task, especially when signature-based detection might pick up a lot of false positives. This task is made easier by using a Security Information and Event Manager (SIEM). SIEMs can also help organizations with their regulatory compliance reports and internal auditing. A SIEM parses, correlates, alerts on and stores reports to be analyzed by its correlation engine, so that only the report or set of reports that needs attention is presented to the analyst in a central interface. The main objective of this project is to develop a SIEM that addresses the problems of centralization of security management, regulatory compliance reports, and network security auditing. The project will be composed of four main components: the parser, the data storage, the correlation engine and the user interface. A further motivation for the proponents to develop a SIEM is the lack of accessibility to the general public due to the high price tag associated with SIEMs.

Abstract Format

html

Language

English

Format

Print

Accession Number

TU16787

Shelf Location

Archives, The Learning Commons, 12F, Henry Sy Sr. Hall

Physical Description

1 v. (various foliations) ; 28 cm.

This document is currently not available here.
