DESIGN AND IMPLEMENTATION OF SECURITY OPERATION CENTER INFRASTRUCTURE LOG MONITORING MANAGEMENT SYSTEM WITH ELASTIC STACK
Main Author: | Rananta Natasha, Dita |
---|---|
Format: | Final Project |
Language: | Indonesian |
Online Access: | https://digilib.itb.ac.id/gdl/view/66567 |
Subjects: | Information Security, SOC, SIEM, SOAR |
Institution: | Institut Teknologi Bandung |
Description:

An attack occurs on the internet every thirty-nine seconds, and cybercrime incidents rose by six hundred percent during the Covid-19 pandemic period. The pandemic has made the world rely on online interactions, which indirectly implies that cybercrime is also on the rise. Hospitals and companies moving towards digital operations have become targets of cybercrime. Almost every industry uses digital technology as a backbone for innovation, from e-commerce, smart cities, smart farming, and smart health to smart banking. Data security is important, and the telecommunications industry can no longer sell only cheap services; it must transform to improve data quality, speed, and security in the technology sector. Mismanaging security leads to huge losses, both material and non-material.

This final project discusses the design and implementation of a security operation center architecture that can assist the blue team (defender team) in handling suspicious activities. The system is built on Security Information and Event Management (SIEM), which configures the collection of logs generated by the company's services, monitors them, and raises alerts on suspicious activity. The system is further strengthened with Security Orchestration, Automation and Response (SOAR), which provides automated protection for the system. Several parameterized tests and verifications were carried out to confirm that the system built works as intended.