FIISIEM
A SIEM system is required to handle the increased level of security and to analyze and manage centralized logs. SIEM systems were initially developed because the IT departments of organizations were unable to deal with the large number of alerts generated by Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). A SIEM is a solution that provides monitoring, detection and alerting of security events within an IT environment. SIEM analytics delivers real-time alerts, dashboards and reports to several critical and management units.
SIEM is important because it makes it easier for enterprises to manage security by filtering massive amounts of security data and prioritizing the security alerts that the software generates. SIEM software enables organizations to detect data that may otherwise go undetected.
Our data will be used in the customization of an open source SIEM solution according to the needs of a particular organization.
Our project statement is that we are taking an open source SIEM solution and customizing it according to the attack pattern provided by the organization we are working with (MiGo innovations).
The result that we anticipate at the end of the project is a customized open source SIEM solution.
Our objective is to customize a SIEM solution that can detect in-memory malware attacks and is highly efficient and cost effective.
FIISIEM has the following properties:
Following are its applications:
First, we configure a SIEM solution in a network to collect logs from different network devices such as firewalls, IDS and IPS. Then we customize it to detect in-memory malware attacks that can happen on a network. Logs are viewed in real time, and alerts are generated in case of an attack on the network.
Our customized SIEM solution will help small organizations keep an eye on incoming threats efficiently, and it is more cost-friendly than existing SIEM solutions, which cost a hefty amount. It is relatively cheaper than existing SIEM solutions such as QRadar, Splunk Enterprise Security, OSSEC, etc. It is also customized according to the needs of the organization to make it efficient.
Logs are generated and recorded in the form of events by the different network devices, i.e. firewalls, IPS/IDS, routers, etc. Those logs are not easily readable by a layman, attacks are easy to carry out, and there is no real-time decision making involved. In this case a SIEM solution comes in handy: it collects all the logs from the network devices, applies a set of ground rules to the real-time logs and allows access accordingly. It also generates a threat alarm in case an intrusion is made.
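The collect, apply-rules, alert flow described above can be sketched as follows. This is an added example, not the FIISIEM project's code: the two log formats, the rule names and the thresholds are assumptions made for illustration, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in two made-up formats (firewall, IDS); not real device output.
SAMPLE_LOGS = [
    "2024-05-01T10:00:01 fw1 DENY src=10.0.0.5 dst=192.168.1.10 dport=22",
    "2024-05-01T10:00:03 fw1 ALLOW src=10.0.0.8 dst=192.168.1.20 dport=443",
    "2024-05-01T10:00:04 fw1 DENY src=10.0.0.5 dst=192.168.1.10 dport=23",
    "2024-05-01T10:00:06 ids1 ALERT sev=2 src=10.0.0.9 msg=policy_violation",
    "2024-05-01T10:00:07 fw1 DENY src=10.0.0.5 dst=192.168.1.11 dport=22",
    "garbled line from a misconfigured sender",
    "2024-05-01T10:00:09 ids1 ALERT sev=5 src=10.0.0.7 msg=suspicious_payload",
]
FW = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) (?P<action>ALLOW|DENY) src=(?P<src>\S+) ")
IDS = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) ALERT sev=(?P<sev>\d+) src=(?P<src>\S+) ")

def normalize(line):
    """Map one raw line to a common event dict, or None if no parser matches."""
    for kind, rx in (("firewall", FW), ("ids", IDS)):
        m = rx.match(line)
        if m:
            ev = m.groupdict()
            ev.update(kind=kind, ts=datetime.fromisoformat(ev["ts"]))
            return ev
    return None

def correlate(lines, deny_limit=3, window=timedelta(seconds=60), min_sev=4):
    """Apply two ground rules to the event stream; return (alerts, unparsed_count)."""
    alerts, unparsed = [], 0
    denies = defaultdict(deque)  # src -> timestamps of DENY events inside the window
    for line in lines:
        ev = normalize(line)
        if ev is None:
            unparsed += 1  # counted, not silently dropped: a parsing gap is a blind spot
            continue
        if ev["kind"] == "ids" and int(ev["sev"]) >= min_sev:
            alerts.append(("ids_high_severity", ev["src"], ev["ts"]))
        elif ev["kind"] == "firewall" and ev["action"] == "DENY":
            q = denies[ev["src"]]
            q.append(ev["ts"])
            while ev["ts"] - q[0] > window:  # expire events older than the window
                q.popleft()
            if len(q) == deny_limit:  # fire when the count reaches the limit, not on every later event
                alerts.append(("repeated_deny", ev["src"], ev["ts"]))
    return alerts, unparsed

if __name__ == "__main__":
    print(correlate(SAMPLE_LOGS))
```

Tracking the number of unparsed lines alongside the alerts makes it visible when a device starts sending a format the collector does not understand.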
| Item Name | Type | No. of Units | Per Unit Cost (in Rs) | Total (in Rs) |
|---|---|---|---|---|
| Raspberry Pi | Equipment | 2 | 24500 | 49000 |
| Raspberry Pi case | Equipment | 1 | 2000 | 2000 |
| Internet | Miscellaneous | 1 | 2000 | 2000 |
| Printing | Miscellaneous | 1 | 5000 | 5000 |
| Traveling | Miscellaneous | 1 | 3000 | 3000 |
| Total (in Rs) | | | | 61000 |