Blumira Resources & Blog

Is This Thing On? How To Test Your SIEM

Written by Erica Mixon | Jun 8, 2021 4:35:19 PM


How can you make sure that your SIEM will alert you about security threats when they inevitably appear in your environment?  

A SIEM’s true value lies in its detections; by aggregating, analyzing and correlating your logs, you can identify potential security issues. When these detections fail, you may not identify a compromise early enough to prevent a major security event like a ransomware attack or data breach.

Join Andrew AJ King, CISO of BreachQuest, along with Blumira’s Amanda Berlin, Sr. Incident Detection Engineer and Erica Mixon, Content Marketing Manager, as they go through ways to test your SIEM

They’ll cover:

  • The process of testing for detections, such as users with non-expiring passwords
  • The benefits of using red team or pentest to actively test detections
  • Best practices and tools to make SIEM testing easier 

This interactive, conversational-style session encourages questions and engagement with viewers – so sign up today for access to our security experts.

Participants

Andrew (AJ) King, CISO, BreachQuest

Andrew (AJ) King is the Chief Information Security Officer at BreachQuest. Prior to joining BreachQuest, he was Director of Business Security and Automation at StoneX, where he established the company’s first cybersecurity program, which is now implemented in 60+ countries. Prior to that, he was Information Security Manager at Farm Bureau Financial Services, where he built security engineering, operations, and identity engineering teams, growing from 4 to 20+ employees.

Amanda Berlin, Sr. Incident Detection Engineer, Blumira

Based in Ohio, Amanda is a highly accomplished network defender well-regarded throughout the Midwest infosec community. She’s spent the last three years with NetWorks Group’s MDR team and Blumira, while most recently as a Sr. Incident Detection Engineer specializing in threat detection research as well as SecOps. Amanda serves as the founder and CEO of Mental Health Hackers, a nonprofit dedicated to providing education and guidance to tech workers around mental health topics. Amanda is also the co-host of the Brakeing Down Security podcast. She is the author of a Blue Team best practices book called “Defensive Security Handbook: Best Practices for Securing Infrastructure” with Lee Brotherston through O’Reilly Media.

Erica Mixon, Content Marketing Manager, Blumira

Erica has over five years of experience covering the tech industry. Prior to joining Blumira, she was a senior editor at TechTarget, where she wrote about enterprise IT topics such as virtualization, Windows 10, and data center management. She holds a Bachelor’s degree in writing, literature and publishing from Emerson College.

About Blumira’s 30-Minute How To Series

Blumira’s 30-Minute How To Series features practical security advice from experts in the information security industry. As a security and IT professional, you’ve got a busy schedule — that’s why we’ll waste no time in delivering you actionable educational content that you can apply to your everyday life.