Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Security Monitoring in hybrid on-prem/cloud environment
As organizations migrate portions of their on-prem data centers to the cloud, they must reevaluate their security monitoring strategy to align with a hybrid on-prem/cloud environment. There are many options/considerations. Among them are:
1) Deploying a virtual log collector in the cloud environment and forwarding logs to an on-prem SIEM. This may be preferable with a limited cloud deployment when compared to the on-prem deployment.
2) Deploying a virtual log collector/processor as an extension of the on-prem SIEM, maintaining logs in the cloud. This may be preferable if the cloud deployment is significant.
3) Leveraging a service provider to deploy and manage a separate v-SIEM for the cloud environment.
What are other options that teams have successfully deployed to maintain the proper event visibility?