A look into a security consultant’s project to design, build and deploy a SOC infrastructure for a telecom provider in South America. From the Resource: “The customer objective was to monitor the network against attacks (vulnerable devices, brute force attacks, etc) and correlate events in order to identify hidden treats (DDOS, scanning, worms) and to identify business and operational frauds.” and “This task took several months but in the end the Audit team obtained a powerful [SIEM] tool that allowed them to easily identify hundreds of violations (operational and business) and also easily to change or add new rules.”

Link to Resource: Using SIEM tools for Fraud Detection

Source: Alexandre Cezar, ISC2

SIM Resource Guide Section: Security Information Management User Implementations and Success Stories