SIEM Design – Filtering Windows Events

A SIEM solution accepts logs from a wide variety of log sources, including network security appliances, Linux systems and, often, Windows domain-joined systems, to name a few. SIEM solutions are designed to analyse these logs and look for patterns and/or suspicious behaviour that may indicate a security incident that could impact your business. […]