Authors: A. D. Popov, A. N. Nikitenko
Journal: Herald of Dagestan State Technical University. Technical Sciences, volume 6
Publication date: 2024-04-18
Publication type: Journal Article
DOI: https://doi.org/10.21822/2073-6185-2024-51-1-173-179
Principles of data collection for building a secure enterprise infrastructure based on SIEM systems
Objective. The purpose of the article is to present the main capabilities and advantages of implementing and using SIEM systems. Method. The system analysis method was used. Result. The main systems of the SIEM class are described, their main capabilities, advantages and disadvantages are listed, and various options for constructing such systems and principles of data collection are considered. Conclusion. Studying the functioning of systems of this type allows us to assess the possibility of their use in the construction of security systems of various scales and architectures. To make maximum use of the capabilities of SIEM systems, it is necessary to adapt and configure them to specific information security requirements. The prospect for further research will be the use of hybrid approaches based on intermediate storage using data streaming.