Integrating ICS Into Your Enterprise SIEM And Monitoring Strategy

No ratings

Presented at s4x17 2017 by

Terry Mccorkle

The number of products focused on detecting security events and incidents on ICS is growing quickly (and there are two sessions on this on Stage 2). The next step is to integrate the information from the ICS with information from the Enterprise and Threat Sources to complete the picture and improve analysis. This session will look at how to do this. Sending and accepting the information is the easy part. How do provide the context of the information is the challenge. The session will provide a number of practical examples where this fusion of information and coordinated analysis could be helpful.