NIST SP 800-137

Over the last decade, the problem of CyberSecurity has become the most pressing and challenging security problem of our time. As CyberSecurity threats and attacks grow in frequency and the enterprise risk escalates rapidly, businesses and governments are searching for innovative technologies to combat the problem more effectively. Enterprise customers today have deployed numerous security controls including security sensors such as intrusion prevention and detection systems as well as security tooling for identity, access and audit management. These systems enable enterprises to manage their security posture, generating a multitude of event alert streams as well as logs and audit records that contain potentially actionable intelligence that today is typically not fully mined nor available in real-time. The inability to consolidate and correlate these events and data automatically at line speeds and present them to the security analyst in a semantically-meaningful manner robs security analysts and administrators of a valuable tool to defend enterprise networks.

See online slide show (Registration required)