[转载]Preparing for Security Event Management
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])原始出处:[url]http://infosecwriters.com/[/url]
A Security Event Manager is a piece of software which takes as input logs and alerts from a variety of systems, such as Firewalls, Routers, and Servers, and attempts to inform the engineer of unusual occurrences which warrant further investigation. The SEM benefits from having available to it information coming from many systems at both the network and application level, having an understanding of event severity, and may also have access to vulnerability databases which describe common weaknesses and their exploitation. 译文:
安全事件管理器是一个这样的软件,它需要从多种系统中输入日志和警报,如防火墙,路由器和服务器,并试图向工程师报告值得进一步调查的不寻常现象。SEM受益于许多系统无论是在网络还是应用水平方面提供给它的资料,经过事件严重性的了解,也可能进入描述共同的弱点和他们的泄漏的脆弱性数据库。
页:
[1]