АНАЛИЗ РАСШИРЕННЫХ ВОЗМОЖНОСТЕЙ СИСТЕМЫ SIEM ЧЕРЕЗ ИНТЕГРАЦИЮ С IBM QRADAR

G.Z.  Ziyatbekova; Zh.  Bydakhmet; S.K.  Zamanova; Zh.Zh.  Kozhamkulova; A.K.  Adilbekova; S.M.   Zhaksybay

doi:10.58805/kazutb.v.2.23-467

Information and communication and chemical technologies

No. 2 (23) - 2024 / 2024-06-30 / Number of views: 43

ANALYZE SIEM SYSTEM ADVANCED FEATURES THROUGH INTEGRATION WITH IBM QRADAR

Authors

G.Z. Ziyatbekova⁺⁻
Zh. Bydakhmet⁺⁻
S.K. Zamanova⁺⁻
Zh.Zh. Kozhamkulova⁺⁻
A.K. Adilbekova⁺⁻
S.M. Zhaksybay ⁺⁻

Al-Farabi Kazakh National University

Non-profit joint-stock company “Almaty University of Power Engineering and Telecommunications after Gumarbek Daukeev”

Kazakh Ablaikhan university of international relations and world languages

Al-Farabi Kazakh National University

Keywords

SIEM, IBM QRadar, DDoS attack, information security, cybersecurity, monitoring, threat

Back

PDF (RU)

Link to DOI:

https://doi.org/10.58805/kazutb.v.2.23-467

How to quote

Ziyatbekova Г. ., Bydakhmet Ж., Zamanova С. ., Kozhamkulova Ж. ., Adilbekova А. ., and Zhaksybay С. . “ANALYZE SIEM SYSTEM ADVANCED FEATURES THROUGH INTEGRATION WITH IBM QRADAR”. КазУТБ, vol. 2, no. 23, June 2024, doi:10.58805/kazutb.v.2.23-467.

ACM ACS APA ABNT Chicago Harvard IEEE MLA Turabian Vancouver

Abstract

his article discusses important aspects of SIEM technology, the role in cybersecurity and its components, discusses the key role of the SIEM system in the modern world of information technology, and examines the main components of the SIEM system, including data collectors, correlation systems, dashboards and reports. The code is presented, which is part of a development designed to monitor network traffic and detect potential threats such as DDoS attacks. The main technologies and methods used are described below.