The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Carson Zimmerman - MITRE

Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.

Capabilities and Trends in Security Information Management Systems

Mar 03, 2004

Abstract

Computer Security Incident Handlers are tasked with the difficult job of sifting through large amounts of data from hundreds of network devices, IDS sensors, and computer systems everyday. Security Information Management (SIM) products are relatively new to the marketplace, but already promise a wealth of features that will aid the Computer Security Incident Response Center (CSIRC) team in their quest to find evidence of intrusions buried in the data. This presentation will touch on the challenges that spurred the development of SIM products, and survey the current best of breed SIM offerings as well as the players in the SIM market. SIM features such as data aggregation, correlation, and threat assessment will be discussed and related to the CSIRC mission. The presentation will conclude with SIM market predictions, forthcoming SIM functionality, and a discussion of potential research topics related to SIM.

About the Speaker

Carson Zimmerman is an InfoSec Engineer working at The MITRE Corporation in support of major US government CSIRCs. His work focuses on helping government agencies protect against and detect network intrusion and misuse. He has recently lead studies on SIM systems for several MITRE sponsors, supports a large enterprise SIM installation, and is recognized as an authority on SIM within MITRE.
Carson received his B.S. degree in Computer Engineering from Purdue in June of 2002.


Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!