7MS #338: SIEMple Tests for Your SIEM Solution

7 Minute Security show

Summary: Today's episode talks about some SIEMple tests you can run on your SIEM (OMG, see what I did there? I took the word simple and made it SIEMple. Genius stuff, right? And there's no extra charge for it!). And if you're just now starting to shop around for a SIEM, this episode also has an extensive questionnaire you can use to put your vendors' feet to the fire and see what they're made of! Along with today's episode, I'm releasing a companion gist (https://gist.github.com/braimee/edf91f87ee95b48c803895614a0ec57a) that contains:

- Questionnaire: a series of questions you can ask SIEM vendors to gather as many data points about their products and services as possible
- SIEM tests: a few tests you can conduct on your internal/external network to see if your SIEM solution indeed coughs up alerts

Enjoy!