SIEM research project of SECUINFRA in final phase!

SIEM research project of SECUINFRA in final phase!

A 6-member SIEM expert team of SECUINFRA is in the final phase of its research project, which is financially supported by the Federal Ministry for Economic Affairs and Energy. The research topic, which has been worked on vigorously for months, is:

“Fully automated test framework for SIEM use cases”.

The goal of the research project is to develop a toolset for the automated execution of a SIEM assessment. The toolset should be able to define attack simulations on an abstract level, to execute them and to capture the response of the connected SIEM systems.

The reason why the SECUINFRA team of experts chose this particular research topic lies in the special customer benefit that should result from the resulting solution: Only if SIEM use cases are regularly tested “end to end”, it can also be ensured that cyber attacks and compliance violations are detected by means of SIEM.

End to end here means:

• Simulate attack or compliance violation
• Generate event on source system
• Transfer event to SIEM
• Detect and alert on attack or compliance breach in SIEM

The research framework automates the testing of SIEM use cases so that they can be tested regularly and very efficiently by SECUINFRA after successful project completion.

Learn more about the SIEM area at SECUINFRA here!