The document discusses the importance of security and auditing in network management, emphasizing the need for a comprehensive SIEM solution. It raises concerns about unauthorized access, auditing network devices, and the necessity of analyzing web server errors. Additionally, it suggests that preventive security measures alone may not suffice in protecting business-critical applications from potential attacks.

1. EventLog Analyzer
Siddharth Sharathkumar

2. 2
Security and Auditing
One SIEM solution to rule them all.

3. GUARDING NETWORK
PERIMETER
Auditing your network devices

4. Is someone accessing something they
shouldn't be allowed to?
Denied
connections
Traffic allowed
Firewall rule
change
But how?

5. SECURING BUSINESS
CRITICAL APPLICATIONS

6. Comprehensively audit web server errors
Request
access to
web server
Request
failed
Too many errors?
Bad gateway
errors?
Do I need to
revamp my
resources?
Or is
someone up
to no good?
Repeated requests

7. CUSTOM LOG PARSER

8. Threat Intelligence
You sha;; not passYOU SHALL NOT PASS!!!

9. Preventive security solutions alone aren't going to be enough
9

10. Backtracking a security attack

11. THANK YOU
Queries?