
Course 4 - Automation Tools

SIEM and SOAR:

SIEM stands for Security Information and Event Management, while SOAR stands for Security Orchestration, Automation, and Response. SIEM tools help filter system interactions and alert security professionals to suspicious activity. They provide a dashboard with a variety of graphs and logs that aid cybersecurity professionals. SOAR is the concept of using many methods and software to automate responses to security threats; SIEM is used for this.

*Video Credit: Simplilearn on YouTube

SIEM Tool Examples:

IDS and IPS:

IDS stands for Intrusion Detection System, while IPS stands for Intrusion Prevention System. An IDS is software that detects system intrusions (or potential intrusions) and alerts the person monitoring the system. An IPS takes this one step further: it is an IDS with the added functionality of taking measures to prevent intrusions.

Programming:

Security tasks can also be automated with code. For instance, someone could write a script that sorts recent threats into different categories so they can analyze trends. Programming for security is often done in Python, but other languages are used as well. Bash scripting and crontabs in Linux can be used to automate processes and commands.
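
The threat-sorting script described above could look like the following. This is an added example, not code from the course; the alert format, the category names, and the matching rules are assumptions, and the sample alerts are constructed.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample alerts (not real data), format: "timestamp | source | message"
SAMPLE_ALERTS = """\
2024-05-01T08:14:02 | ids | Multiple failed SSH logins for user admin from 203.0.113.7
2024-05-01T09:30:45 | mail | Phishing link reported in message from billing@example.test
2024-05-01T11:02:10 | edr | Malware signature matched in file invoice.docm
2024-05-02T02:47:33 | ids | Port scan detected from 198.51.100.23
2024-05-02T03:05:19 | ids | Multiple failed SSH logins for user root from 203.0.113.7
2024-05-03T07:55:41 | ids | Failed login burst for user svc-backup from 192.0.2.44
2024-05-03T16:12:08 | proxy | Unusual outbound transfer of 4 GB to unknown host
this line is malformed and should be skipped
"""

# Category rules are assumptions for this example; the first matching rule wins.
RULES = [
    ("brute_force", re.compile(r"failed (ssh )?login", re.I)),
    ("phishing", re.compile(r"phish", re.I)),
    ("malware", re.compile(r"malware|ransomware|trojan", re.I)),
    ("recon", re.compile(r"port scan|sweep", re.I)),
]

def categorize(message):
    for name, pattern in RULES:
        if pattern.search(message):
            return name
    return "uncategorized"  # kept visible so an analyst can add a rule for it

def parse_alerts(text):
    for line in text.splitlines():
        parts = [p.strip() for p in line.split("|", 2)]
        try:
            ts, source, message = datetime.fromisoformat(parts[0]), parts[1], parts[2]
        except (ValueError, IndexError):
            continue  # skip lines with a bad timestamp or missing fields
        yield ts, source, message

def daily_trends(text):
    trends = defaultdict(Counter)  # day -> count of alerts per category
    for ts, _source, message in parse_alerts(text):
        trends[ts.date().isoformat()][categorize(message)] += 1
    return {day: dict(counts) for day, counts in sorted(trends.items())}

if __name__ == "__main__":
    for day, counts in daily_trends(SAMPLE_ALERTS).items():
        print(day, counts)
```

Scheduled from a crontab entry, a script like this would produce the per-day category counts on a regular basis.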
