Show document

A+ | A- | | SLO | ENG

Title: Uvedba SIEM sistema v podjetju TEB d. o. o. : diplomska naloga Authors: ID Grmšek, Andrej (Author) ID Kolar, Janez (Mentor) More about this mentor... Files: VS_2024_Andrej_Grmsek.pdf (2,00 MB) MD5: A80EB7F7E1CFD2AC9E561C1BC4556B45   Language: Slovenian Work type: Bachelor thesis/paper Typology: 2.11 - Undergraduate Thesis Organization: FIŠ - Faculty of Information Studies in Novo mesto Abstract: Upravljanje varnostnih informacij in dogodkov (angl. Security Information and Event Management, v nadaljevanju SIEM) je ključno orodje za kibernetsko varnost, ki ponuja konsolidiran pogled na podatke, vpogled v varnostne dejavnosti in operativne zmogljivosti za učinkovit boj proti kibernetskim grožnjam. Rešitve SIEM izboljšujejo stanje informacijske varnosti z zagotavljanjem preglednosti v realnem času in zgodovinske analize. Grožnje in anomalije zaznavajo s hitro analizo ogromnih količin podatkov, kar bi bilo ročno nemogoče. Diplomska naloga predstavi vpeljavo sistema SIEM v srednje velikem podjetju. Najprej smo pregledali lastnosti podjetja in zakaj potrebuje SIEM. Za uspešno vpeljavo smo raziskali, kaj je dejansko SIEM, katere so glavne komponente in lastnosti, ter opisali uveljavljene produkte. Nato sta sledili izbira primernega produkta za naše podjetje in njegova postavitev v okolje. Podjetje je tako izboljšalo informacijsko varnost, začelo shranjevati dnevniške zapise na enem mestu in dobilo vpogled v delovanje informacijskega sistema. Keywords: SIEM, informacijska varnost, implementacija, SIM, SEM Place of publishing: Novo mesto Place of performance: Novo mesto Publisher: A. Grmšek Year of publishing: 2024 Year of performance: 2024 Number of pages: XIII, 49 str. PID: 20.500.12556/ReVIS-10741  COBISS.SI-ID: 205730819  UDC: 004.056:659.2(043.2) Note: Na ov.: Diplomska naloga : visokošolskega strokovnega študijskega programa prve stopnje; Publication date in ReVIS: 29.08.2024 Views: 298 Downloads: 17 Metadata:    Cite this work Plain text BibTeX EndNote XML EndNote/Refer RIS ABNT ACM Ref AMA APA Chicago 17th Author-Date Harvard IEEE ISO 690 MLA Vancouver : Copy citation

Share: Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Licences

License:	CC BY-NC-SA 2.5 SI, Creative Commons Attribution-NonCommercial-ShareAlike 2.5 Slovenia
Link:	https://creativecommons.org/licenses/by-nc-sa/2.5/si/deed.en
Description:	You are free to reproduce and redistribute the material in any medium or format. You are free to remix, transform, and build upon the material. You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. You may not use the material for commercial purposes. If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original. You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.

Secondary language

Language:	English
Abstract:	Essentially, Security Information and Event Management (SIEM) is a key cybersecurity tool that provides a consolidated view of data, insight into security activities, and operational capabilities to effectively combat cyber threats. SIEM solutions improve the state of information security by providing real-time visibility and historical analysis. They detect threats and anomalies by quickly analyzing huge amounts of data, which would be impossible manually. The thesis presents the introduction of a SIEM system in a medium-sized company. First, we reviewed the features of our company and why it needs a SIEM. For a successful implementation, we researched what SIEM actually is, what are the main components and features, and described established products. Then followed the selection of a suitable product for our company and the installation itself in the environment. With this, the company gained information security, started storing event entries in one place and gained insight into the functioning of the information system.
Keywords:	SIEM, information security, implementation, SIM, SEM

Back