Managing Threats and Compliance While Automating the CSCs: EiQ SecureVue Review

by Jerry Shenk
Sept. 1, 2017 0 comments SANS Institute management & leadership

Many small- to mid-sized organizations are finding it difficult to deal with the technical aspects of log management, security monitoring and compliance reporting. The on-staff security expertise needed to manage the collection, correlation, reporting and response to security information and event data is nearly impossible for many small- and medium-sized (SMB) organizations. The initial goal, as recommended in the Critical Security Controls (CSCs),1 is to automate the process of detection and remediation with notification within 24 hours and remediation within an hour after that.