Security information and event manager with ticketing system
Date of Publication
2012
Document Type
Bachelor's Thesis
Degree Name
Bachelor of Science in Computer Science
College
College of Computer Studies
Department/Unit
Computer Science
Thesis Adviser
Isaac Herculano S. Sabas
Defense Panel Member
Gregory G. Cu
Francis P. Lai
Arlyn Verina L. Ong
Abstract/Summary
With today’s need for increased security, more and more security devices are being integrated into enterprise networks. This makes reviewing logs from the different devices in the network a tedious task, especially when signature-based detection might pick up a lot of false positives. Also, SIEMs can help organizations with their regulatory compliance reports and internal auditing. This task is made easier by using a Security Information and Event Manager (SIEM). A SIEM parses, correlates, alerts and stores reports to be analyzed by the correlation engine of the SIEM, so that only the report or set of reports that needs attention is presented to the analyst in a central interface. The main goal of this project is to develop a SIEM to address the problems of centralization of security management, regulatory compliance reports, and network security auditing. The project will be composed of four main components: the parser, the data storage, the correlation engine and the user interface. A further motivation for the proponents to develop a SIEM is the lack of accessibility to the general public due to the high price tag associated with SIEMs.
Abstract Format
html
Language
English
Format
Accession Number
TU16787
Shelf Location
Archives, The Learning Commons, 12F, Henry Sy Sr. Hall
Physical Description
1 v. (various foliations) ; 28 cm.
Recommended Citation
Galinato, J. G., Mantua, J. C., Tan, L. B., & Valencia, J. P. (2012). Security information and event manager with ticketing system. Retrieved from https://animorepository.dlsu.edu.ph/etd_bachelors/14793