An organization is having difficulty correlating events from its individual AV, EDR, DLP, SWG, WAF, MDM,
HIPS, and CASB systems. Which of the following is the best way to improve the situation?
A. Remove expensive systems that generate few alerts.
B. Modify the systems to alert only on critical issues.
C. Utilize a SIEM to centralize logs and dashboards.
D. Implement a new syslog/NetFlow appliance.
HIPS, and CASB systems. Which of the following is the best way to improve the situation?
A. Remove expensive systems that generate few alerts.
B. Modify the systems to alert only on critical issues.
C. Utilize a SIEM to centralize logs and dashboards.
D. Implement a new syslog/NetFlow appliance.