In February of 2006 I gave a preso at Grand Rapids' ISSA on SIM. This is a short deck - the first 11 slides - that has a nice overview on SIM concepts and what makes a product like ArcSight different from a product like eIQ FirewallAnalyzer (eIQ has their own SIM now).
The rest of the deck, which GR-ISSA members have access to, is lots of screen shots from ArcSight and a bit more about what we do internally with it for security ops. It's not really top secret, so if you'd like to see the whole deck, feel free to e-mail me.
More on SIM to come. Next week I call out Mike Rothman for suggesting that SIM can be "saved" by bolting crap onto it.
No comments:
Post a Comment