Miscellaneous
This Hash-Time Breakdown focuses on cyber security solution scoping, specifically, when deciding if you need a Security Information and Event Management (SIEM) device or not. Also which SIEM should you choose for your environment. Common questions covered include the following: 1. What are you trying to accomplish? 2. What do you have now? 3. Cloud vs on prem vs hybrid 4. EPS, bandwidth utilized 5. Data source scoping – what’s important? a. what do you have b. is it compatible 6. What is an egress point from an architectural standpoint and why does it matter? 7. Compliance and storage 8. Decryption 9. Cloud packet capture plugins