{"id":176,"date":"2017-09-25T10:00:54","date_gmt":"2017-09-25T14:00:54","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=176"},"modified":"2018-04-23T16:07:07","modified_gmt":"2018-04-23T20:07:07","slug":"six-siem-pitfalls-to-avoid","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/","title":{"rendered":"How to Avoid the Six Most Common SIEM Pitfalls"},"content":{"rendered":"<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-178 size-full\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg\" alt=\"SIEM Pitfalls\" width=\"600\" height=\"270\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg 600w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls-300x135.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls-180x81-1.jpg 180w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls-400x180.jpg 400w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a>SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against attacks. According to Gartner analyst Oliver Rochford, while SIEM solutions are undeniably valuable for cybersecurity, there are a few common pitfalls that can occur. 
Avoid the following to ensure your network will run smoothly.<\/p>\n<p style=\"text-align: justify\"><strong>Lack of Planning:<\/strong> Every solution is different, which is why it\u2019s good to examine your company\u2019s needs before settling on one. Some solutions cater to large businesses or offer more sophisticated features, a wider variety of software execution possibilities, etc., which make them the most appealing. However, choosing a solution for the wrong reasons can lead to implementation problems, or failure to satisfy your company\u2019s needs. It is best to follow a formalized approach when making your selection.<\/p>\n<p style=\"text-align: justify\"><strong>Failing to Define Scope:<\/strong> You must identify your primary objective (e.g. compliance, alerts, threat management, etc.) in order to employ the right security technologies and associated use cases.<\/p>\n<p style=\"text-align: justify\"><strong>Unrealistic Scoping:<\/strong> Many companies believe their SIEM solution will properly monitor straight off the bat. However, the process takes time. Implementing technologies must be done homogeneously and in a phased manner for optimal performance and troubleshooting.<\/p>\n<p style=\"text-align: justify\"><strong>Failure to Monitor Events:<\/strong> Rather than collecting every log and storing it, SIEM depends on correlation rules that rely on specific events and logs to most efficiently detect threats. Haphazardly collecting logs hinders performance and detection. Collecting selectively, on a case-by-case basis, yields the most effective results.<\/p>\n<p style=\"text-align: justify\"><strong>Lack of Context:<\/strong> By themselves, event types can be hard to analyze. For example, a user accessing a server might not seem like a risk, but if a user from the marketing department is accessing a server in research and development, the SIEM may falsely report malicious activity. 
Organizational context should be integrated into the SIEM to prevent this.<\/p>\n<p style=\"text-align: justify\"><strong>Inadequate Staffing:<\/strong> SIEM software requires around-the-clock, real-time monitoring. Your employees must keep an eye on the log management logs and on regular reviews and reports. Ideally, at least four employees should be responsible for this. Should this exceed your available budget, a managed security provider would be most helpful.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against attacks. According to Gartner analyst Oliver Rochford, while SIEM solutions are undeniably valuable for cybersecurity, there are a few common pitfalls that can occur. Avoid the following to ensure your network [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":178,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[75,13,40,42],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Avoid the Six Most Common SIEM Pitfalls<\/title>\n<meta name=\"description\" content=\"SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta 
property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Avoid the Six Most Common SIEM Pitfalls\" \/>\n<meta property=\"og:description\" content=\"SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2017-09-25T14:00:54+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-04-23T20:07:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"270\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Doug Atkinson\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/\",\"name\":\"How to Avoid the Six Most Common SIEM Pitfalls\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg\",\"datePublished\":\"2017-09-25T14:00:54+00:00\",\"dateModified\":\"2018-04-23T20:07:07+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against 
attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg\",\"width\":600,\"height\":270,\"caption\":\"SIEM Pitfalls\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Avoid the Six Most Common SIEM Pitfalls\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/solutionsreview.com\"],\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"How to Avoid the Six Most Common SIEM Pitfalls","description":"SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/","og_locale":"en_US","og_type":"article","og_title":"How to Avoid the Six Most Common SIEM Pitfalls","og_description":"SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against attacks.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2017-09-25T14:00:54+00:00","article_modified_time":"2018-04-23T20:07:07+00:00","og_image":[{"width":600,"height":270,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg","type":"image\/jpeg"}],"author":"Doug Atkinson","twitter_misc":{"Written by":"Doug Atkinson","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/","name":"How to Avoid the Six Most Common SIEM Pitfalls","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg","datePublished":"2017-09-25T14:00:54+00:00","dateModified":"2018-04-23T20:07:07+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"SIEM (Security Information and Event Management) solutions are essential to enterprises for managing logs and workflow, real-time analysis of security alerts, and support against 
attacks.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/SIEM_Pitfalls.jpg","width":600,"height":270,"caption":"SIEM Pitfalls"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/six-siem-pitfalls-to-avoid\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"How to Avoid the Six Most Common SIEM Pitfalls"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug 
Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/solutionsreview.com"],"url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/176"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=176"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/176\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/178"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=176"}],"
wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=176"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=176"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}