Please use this identifier to cite or link to this item:

http://hdl.handle.net/10609/107546
Title: Ventajas e implementación de un sistema SIEM
Author: Veloy Mora, Ángel Luis
Director: García Font, Víctor
Tutor: Chinea López, Jorge
Keywords: SIEM; Splunk; ELK; computer security
Issue Date: Dec-2019
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: The present paper addresses two different objectives. In the first part, theoretically, we demonstrate all the advantages of implementing a SIEM solution within an organization. At the same time, we describe the current maturity status of the latest generation of SIEM products available on the market. We have demonstrated the advantages of using a SIEM together with a UEBA/UBA and a SOAR. In the second part, in a practical way, we have implemented a hybrid SIEM solution in which all the company's data is stored in the Data Lake (in this case, ElasticSearch), and the most relevant events (notable events) are then sent to Splunk, where, once they are stored, a SIEM with all its associated intelligence is implemented. It has therefore been demonstrated that, with a low monetary investment, a fully functional SIEM solution can be implemented within the SOC of a small or medium-sized company.
Language: Spanish
URI: http://hdl.handle.net/10609/107546
Appears in Collections: Bachelor thesis, research projects, etc.

Files in This Item:
File: aveloymTFM1219memoria.pdf
Description: TFM report
Size: 3.52 MB
Format: Adobe PDF

This item is licensed under a Creative Commons License.