Redscan: Achieving the best security outcomes through SIEM Use Cases

Redscan: Achieving the best security outcomes through SIEM Use Cases


Security Information and Event Management (SIEM) is a set of integrated log management and monitoring tools that help organisations detect and respond to cyber-attacks. SIEM systems aggregate, normalise and correlate log event information from endpoints, infrastructure and applications to detect potentially malicious activity. When anomalous behaviour is identified, an alert is generated for investigation.

These tools come out of the box with pre-defined rules, but to really maximise the best value from them, organisations need to be able to develop their own rules, or use cases, that expand threat coverage and visibility across their environments.

Join this webinar, hosted by cyber risk experts from Kroll and Redscan, to learn about the best practices for developing SIEM use cases.

Attendees will:

  • Discover different use cases and how they can be deployed to swiftly detect the latest adversarial techniques
  • See a demonstration of how to effectively develop SIEM use cases in the open signature format, Sigma
  • Learn more about effective integrations that facilitate automation
  • Gain insight into writing SIEM rules for their own environment

Developing a set of use cases will minimise the risk of cyber-attacks going undetected and impacting your organisation’s finances, reputation and compliance status. Please join us to find out more.

The webinar will be presented by Roger Bell, Head of Content at Redscan and Scott Hanson, Associate Managing Director at Kroll, and will take place on Wednesday 4th August at 4pm (BST).

Only registrations made with an organisational email address (e.g. work, education) will be accepted. Registrations made with personal addresses (e.g. gmail, yahoo) will not be accepted.