Addressing the challenges in aggregation and correlation of security event data from custom enterprise applications
| dc.contributor.author | Too, Mark M | |
| dc.date.accessioned | 2021-12-02T10:12:43Z | |
| dc.date.available | 2021-12-02T10:12:43Z | |
| dc.date.issued | 2021 | |
| dc.identifier.uri | http://erepository.uonbi.ac.ke/handle/11295/155880 | |
| dc.description.abstract | In Kenya most organizations are acquiring custom enterprise systems that help improve the efficiency of their business processes, these systems save their security logs in customized not standard format that cannot be extracted to upload to a SIEM. This study is aimed at providing a solution that can assist IT security specialists to extract the security information events from the custom enterprise systems and automatically upload them to a SIEM. This study outlines the development of a prototype application that extracts the security event information from the custom enterprise system aggregate them and apply some correlation rules then transmit the data to a SIEM. This is to ensure that IT security specialist have all the security information from the custom enterprise systems that will enable Security Operations center monitor and analyze activities | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | University of Nairobi | en_US |
| dc.rights | Attribution-NonCommercial-NoDerivs 3.0 United States | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/us/ | * |
| dc.subject | aggregation and correlation of security | en_US |
| dc.title | Addressing the challenges in aggregation and correlation of security event data from custom enterprise applications | en_US |
| dc.type | Thesis | en_US |
Files in this item
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as Attribution-NonCommercial-NoDerivs 3.0 United States