The management of information security and the protection of information assets deserve a constant attention by those organizations handling highly critical information. SIEM solutions provide a way to tackle this issue by means of security event management functionalities allowing the detection of security incidents that occurred in the past or happening right now and making the organizations able to generate countermeasures to diminish the impact of an incident. Besides the utility of these solutions, its application to SMEs and in public sector entities has not succeeded yet mainly due to the high cost of a SIEM solution and the lack of technical skills required for its deployment, configuration and roll-out. This project intends to generate a SIEM solution prototype that can be used in real scenarios to protect critical information assets exposed to common security threats, without a high economic investment from the organizations benefiting from it. Additionally, all the generated know-how will be documented aiming at disseminating all the lessons learnt and to describe a potential application scenario in the context of e-Health.
This project is part of an international research collaboration between the University of Murcia, Spain, and the Colombian Engineering School "Julio Garavito", Bogotá, Colombia.