Security Information and Event Monitoring as a Service: a Survey on Current Concerns and Solutions

Wenge, Olga; Lampe, Ulrich; Rensing, Christoph; Steinmetz, Ralf

doi:10.1515/pik-2014-0009

Cited by 8 publications

(9 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This consists of reconfiguring system components in real-time to stop or prevent an intrusion. IM in response to physical environments is mature; however, the increase in virtualization intrusions has become a new target and has led to many questions achieving the same protection in the Cloud (Wenge et al , 2014). While migrating from in-house systems to Cloud, IM does not change much to its implementation.…”

Section: Classificationmentioning

confidence: 99%

“…It then makes decisions based on data analysis and ensures the security of systems and the entire Cloud environment (Parkinson et al , 2018). SIEM demonstrates some features such as real-time, availability and reliability while being applied in the Cloud (Rieke et al , 2012; Wenge et al , 2014).…”

Section: Classificationmentioning

confidence: 99%

“…The controls cover the requirements for operational procedures and responsibilities, protection from malware, backup, logging (Gugelmann et al , 2015) and monitoring, control of operational software, technical vulnerability management, information systems audit considerations. This service prevents data loss (Gugelmann et al , 2015) (Category 2) and its monitoring and logging (Wenge et al , 2014) also enhance IM (Category 6).…”

Section: Classificationmentioning

confidence: 99%

“…Clause 16: Information security incident management. This clause covers controls for responsibilities and procedures, reporting security weaknesses, assessment and decision-making of security events, response to information security incidents, learning from previous incidents and gathering evidence (Schütte et al , 2012; Wenge et al , 2014). This one has a similar function as Category 7 SIEM (Parkinson et al , 2018).…”

Section: Classificationmentioning

confidence: 99%

“…Also, authorized registration and validation processes can be added into Cloud to prevent malicious attacks, spam emails and other such criminals [2] (Agarwal and Tarbotton, 2017). Besides, scanning vulnerabilities helps users discover potential security defects promptly and fixes the defects before happening (Albakri et al , 2014; Wenge et al , 2014). Explore the backup and collection plans of the Cloud provider is also a widespread response (Hussain and Abdulsalam, 2011).…”

Section: Classificationmentioning

confidence: 99%

See 4 more Smart Citations

Security-as-a-service: a literature review

Wang

Yongchareon

2020

IJWIS

View full text Add to dashboard Cite

Purpose This study aims to identify the level of security from existing work, analyze categories of security as a service (SECaaS) and classify them into a meaningful set of groups. Further, the report will advise commercial applications and advice of SECaaS as an extended context to help firms make decisions. Design/methodology/approach This paper compares the SECaaS categories in Cloud Security Alliance (CSA) with the security clauses in ISO/IEC 27002:2013 to give a comprehensive analysis of those SECaaS categories. Reviewed from a number of related literature, this paper analyzes and categorizes SECaaS into three major groups including protective, detective and reactive based on security control perspectives. This study has discussed the three groups and their interplay to identify the key characteristics and problems that they aim to address. Findings This paper also adds new evidence to support a better understanding of the current and future challenges and directions for SECaaS. Also, the study reveals both the positive and negative aspects of SECaaS along with business cases. It advises on various sizes and domains of organizations to consider SECaaS as one of their potential security approaches. Originality/value SECaaS has been demonstrated to be one of the increasingly popular ways to address security problems in Cloud computing. As a new concept, SECaaS could be treated as integrated security means and delivered as a service module in the Cloud. However, it is still in infancy and not very widely investigated. Recent studies suggest that SECaaS is an efficient solution for Cloud and real industries. However, shortcomings of SECaaS have not been well-studied and documented. Moreover, reviewing the existing research, researchers did not classify the SECaaS-related categories.

show abstract

Section: Classificationmentioning

confidence: 99%

Section: Classificationmentioning

confidence: 99%

Section: Classificationmentioning

confidence: 99%

Section: Classificationmentioning

confidence: 99%

Section: Classificationmentioning

confidence: 99%

See 3 more Smart Citations

Security-as-a-service: a literature review

Wang

Yongchareon

2020

IJWIS

View full text Add to dashboard Cite

show abstract

A Survey on Security as a Service

Wang

Yongchareon

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Recommender Systems in Cybersecurity

Ferreira

Silva

Itzazelaia³

2023

Knowl Inf Syst

View full text Add to dashboard Cite

With the growth of CyberTerrorism, enterprises worldwide have been struggling to stop intruders from obtaining private data. Despite the efforts made by Cybersecurity experts, the shortage of skillful security teams and the usage of intelligent attacks have slowed down the enhancement of defense mechanisms. Furthermore, the pandemic in 2020 forced organizations to work in remote environments with poor security, leading to increased cyberattacks. One possible solution for these problems is the implementation of Recommender Systems to assist Cybersecurity human operators. Our goal is to survey the application of Recommender Systems in Cybersecurity architectures. These decision-support tools deal with information overload through filtering and prioritization methods, allowing businesses to increase revenue, achieve better user satisfaction, and make faster and more efficient decisions in various domains (e-commerce, healthcare, finance, and other fields). Several reports demonstrate the potential of using these recommendation structures to enhance the detection and prevention of cyberattacks and aid Cybersecurity experts in treating client incidents. This survey discusses several studies where Recommender Systems are implemented in Cybersecurity with encouraging results. One promising direction explored by the community is using Recommender Systems as attack predictors and navigation assistance tools. As contributions, we show the recent efforts in this area and summarize them in a table. Furthermore, we provide an in-depth analysis of potential research lines. For example, the inclusion of Recommender Systems in security information event management systems and security orchestration, automation, and response applications could decrease their complexity and information overload.

show abstract

Security Information and Event Monitoring as a Service: a Survey on Current Concerns and Solutions

Cited by 8 publications

References 0 publications

Security-as-a-service: a literature review

Security-as-a-service: a literature review

A Survey on Security as a Service

Recommender Systems in Cybersecurity

Contact Info

Product

Resources

About