The Hole in Your SOC: How a compromise of your SIEM could be a disaster for your organization

Michael Music: The Hole in Your SOC: A look at how a compromise of your SIEM could be a disaster for your organization SIEM technology has become a norm for most organizations, filling the role of log aggregator, security event monitor, analysis platform, and threat intelligence tool. Despite spending resources to build these systems, organizations rarely consider the impact of unauthorized access to SIEM infrastructure. In this talk, we will explore the value of SIEM access to an attacker. This will include a brief overview of ways to gain unauthorized access to a SIEM, the value of the stored data to an attacker, and the disruption possibilities given this access. After this, we will give defenders some preventative actions to take against such a compromise. ----------- WEB: https://www.bsidestampa.net DISCORD: https://discord.gg/FhdkSNa24P TWITTER: https://twitter.com/bsidestampa MERCH: https://bsides-tampa.launchcart.store/ About BSides Tampa: B-Sides Tampa is an Information Technology Security Conference hosted by the Tampa Bay Chapter of (ISC)², a registered 501(c)3 non-profit organization. The purpose of the B-Sides Tampa is to provide an open platform for Information Security industry professionals to collaborate, exchange ideas and develop long standing relationships with others in the community. The B-Sides Tampa IT Security Conference took place Virtually on March 27th, 2021.