netsecln Posted February 17, 2016

Just curious how much anyone knows about how their SIEM works. Seems to be pretty thorough. Is there any way to detect what IP it's running on and/or bypass their detection methods while doing scans etc?

digininja Posted February 17, 2016

A SIEM is something that amalgamates information from other places; read more about them here: http://searchsecurity.techtarget.com/definition/security-information-and-event-management-SIEM

Knowing where it is running won't help you bypass detection, as you are being detected by all sorts of other things such as IDS or system logs.

As to how thorough they are, it depends on what you feed into them and how you interpret what they produce.