Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/107546
Title: | Ventajas e implementación de un sistema SIEM (Advantages and implementation of a SIEM system) |
Author: | Veloy Mora, Ángel Luis |
Director: | Garcia-Font, Victor |
Tutor: | Chinea López, Jorge |
Abstract: | This paper addresses two distinct objectives. In the first, theoretical part, we demonstrate the advantages of implementing a SIEM solution within an organization and describe the current maturity of the latest generation of SIEM products available on the market. We have demonstrated the advantages of using a SIEM together with a UEBA/UBA and a SOAR. In the second, practical part, we have implemented a hybrid SIEM solution in which all of the company's data is stored in the Data Lake (in this case Elasticsearch) and the most relevant events (notable events) are then sent to Splunk, where, once stored, a SIEM with all its associated intelligence is implemented. It has therefore been demonstrated that, with a low monetary investment, a fully functional SIEM solution can be implemented within the SOC of a small or medium-sized company. |
Keywords: | SIEM Splunk ELK computer security |
Document type: | info:eu-repo/semantics/masterThesis |
Issue Date: | Dec-2019 |
Publication license: | http://creativecommons.org/licenses/by-nc-nd/3.0/es/ |
Appears in Collections: | Final degree projects, research papers, etc. |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
aveloymTFM1219memoria.pdf | Master's thesis (TFM) report | 3,52 MB | Adobe PDF | View/Open |
This item is licensed under a Creative Commons License