SIEM research project of SECUINFRA in final phase!
A six-member team of SIEM experts at SECUINFRA is in the final phase of its research project, which is financially supported by the Federal Ministry for Economic Affairs and Energy. The research topic, which the team has worked on intensively for months, is:
“Fully automated test framework for SIEM use cases”.
The goal of the research project is to develop a toolset for the automated execution of a SIEM assessment. The toolset should be able to define attack simulations on an abstract level, to execute them and to capture the response of the connected SIEM systems.
The SECUINFRA team of experts chose this research topic because of the particular customer benefit the resulting solution should deliver: only if SIEM use cases are regularly tested “end to end” can it be ensured that cyber attacks and compliance violations are detected by the SIEM.
End to end here means:
- Simulate attack or compliance violation
- Generate event on source system
- Transfer event to SIEM
- Detect and alert on attack or compliance breach in SIEM
The research framework automates the testing of SIEM use cases so that they can be tested regularly and very efficiently by SECUINFRA after successful project completion.
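The four stages listed above can be checked one after another, so that a failed test names the stage that broke instead of only reporting "no alert". The following Python code is an added example, not SECUINFRA's framework: the pipeline is an in-memory stand-in, and every name in it (`Pipeline`, `run_use_case_test`, the `brute_force` rule, the log format) is hypothetical.

```python
import re

def simulate_failed_logins(marker, count=5):
    # Abstract simulation: repeated failed logins for a tagged test user (constructed data).
    return [{"type": "auth_failure", "user": f"siemtest-{marker}"} for _ in range(count)]

class Pipeline:
    """In-memory stand-ins for source system, log forwarder and SIEM (all hypothetical)."""
    def __init__(self, audited_types, forward_pattern, rules):
        self.audited_types = audited_types      # action types the source system logs
        self.forward_pattern = forward_pattern  # regex of lines the forwarder ships
        self.rules = rules                      # rule name -> (regex, threshold)

    def generate(self, actions):
        # Source system writes a log line only for audited action types.
        return [f"sshd: {a['type']} user={a['user']}" for a in actions
                if a["type"] in self.audited_types]

    def transfer(self, lines):
        # Forwarder ships only the lines its filter matches.
        return [l for l in lines if re.search(self.forward_pattern, l)]

    def detect(self, events):
        # SIEM raises an alert when a rule's match count reaches its threshold.
        return {name for name, (regex, threshold) in self.rules.items()
                if sum(1 for e in events if re.search(regex, e)) >= threshold}

def run_use_case_test(pipeline, marker, expected_rule):
    """Return None if the expected alert fired, else the first broken stage."""
    actions = simulate_failed_logins(marker)
    if not actions:
        return "simulate"
    lines = pipeline.generate(actions)
    if not any(marker in l for l in lines):
        return "generate"
    events = pipeline.transfer(lines)
    if not any(marker in e for e in events):
        return "transfer"
    return None if expected_rule in pipeline.detect(events) else "detect"

RULES = {"brute_force": (r"auth_failure", 5)}
healthy = Pipeline({"auth_failure"}, r"sshd", RULES)
no_audit = Pipeline(set(), r"sshd", RULES)                  # source logs nothing
bad_filter = Pipeline({"auth_failure"}, r"^kernel", RULES)  # forwarder drops sshd lines
high_threshold = Pipeline({"auth_failure"}, r"sshd", {"brute_force": (r"auth_failure", 50)})

if __name__ == "__main__":
    for name, p in [("healthy", healthy), ("no_audit", no_audit),
                    ("bad_filter", bad_filter), ("high_threshold", high_threshold)]:
        print(name, "->", run_use_case_test(p, "t0001", "brute_force") or "alert fired")
```

Tagging each simulated action with a unique marker lets the test tell its own events apart from production traffic at every stage.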
About the Central Innovation Program for SMEs
With the Central Innovation Program for SMEs (ZIM), the Federal Ministry for Economic Affairs and Energy promotes market-oriented technological research and development projects of the SME sector in Germany. It also supports the management and organization of innovation networks. The program is designed to sustainably strengthen the innovative strength and competitiveness of companies, including the skilled trades and the entrepreneurially active liberal professions. Companies and research institutions cooperating with them can receive grants under ZIM for ambitious research and development projects that lead to new products, processes or technical services.