Security Information and Event Management (SIEM)

Just starting to sink my teeth into Security Information and Event Management (SIEM). Never thought I’d like building the haystack before I started looking for the needle. There is quite a lot of information logged about some simple events that I thought would only touch one system. It is interesting to see all the things that happen under the hood and all the possible correlations you can draw when you finally take a look. I don’t even have all the infrastructure on the network dumping log files into the SIEM, yet the screen flashes by. Hoping to put into practice some of the information that gets discussed when RSA comes by to do demos. This is intriguing and enjoyable. I always love new puzzles.

ADManager Plus Is a Good Tool

Today I’m working with ADManager Plus in order to create efficiencies for the Service Desk team by leveraging the User Creation templates. This is a nice feature when used with the ability to delegate specific AD access to Service Desk techs. When you give a tech the ability to create users and they leverage the template, it not only frees up the server team, it also provides a way to automatically enforce naming standards and user permissions. This is the first time I have used a ManageEngine product and it has been very useful so far.