Sunday, May 3, 2020

SIEM Implementation Steps

SIEM Solution Set Steps

Read the Executive Brief


  • Select and Implement a SIEM Solution – Executive Brief

Security Information and Event Management (SIEM) technology provides a great deal of visibility into an organization’s networks and can identify extremely sophisticated threats.
Use this Executive Brief to help make your case to:
  • Launch the SIEM project.
  • Select a SIEM solution.
  • Plan the SIEM implementation.


  • Select and Implement a SIEM Solution – Phases 1-3


Security Information and Event Management (SIEM) technology provides a great deal of visibility into an organization’s networks and can identify extremely sophisticated threats. Review the SIEM vendor market space and determine which vendor is right for your organization.

This SIEM project will allow you to:
  • Review an overview of the overall SIEM market.
  • Collect requirements for your organization and determine relevant use cases.
  • Create a selection strategy.
  • Review the Vendor Landscape of the main SIEM players.
  • Create and evaluate RFPs after shortlisting your vendors.
  • Create an implementation plan after your solution has been selected.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.

Launch the SIEM selection project and collect requirements

  • Select and Implement a SIEM Solution – Phase 1: Launch the SIEM Project

This phase of the Select and Implement a SIEM Solution blueprint will help you:
  • Assess value and identify fit.
  • Build the procurement team and project plan.
  • Identify your requirements for the SIEM.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.

  • SIEM Procurement Project Charter Template

Use this project charter template to ensure the following components of your project are scoped and identified prior to the launch of your project:
  • Identification of project stakeholders
  • Identification of a project sponsor and a project manager
  • Selection of the project team
  • Delineation of roles and responsibilities within the team
  • Creation of project oversight
  • Creation of a project plan
  • Mapping of project timelines and milestones
  • Allocation of project costs and budget
  • Risk management planning
After completing these steps, obtain approval to launch your SIEM selection and procurement project through sign-off from the necessary executives or oversight committee.


  • SIEM Appropriateness Tool

This tool aims to help the enterprise determine whether or not a Security Information and Event Management (SIEM) technology is appropriate for the organization.
This tool will:
  • Review your organization’s current status for a SIEM through a questionnaire.
  • Indicate the level of need for a SIEM solution.
The final indications in the tool will help you as you move forward in your product/vendor selection process and in determining cost.

  • SIEM Use-Case Fit Assessment

Info-Tech's SIEM Vendor Landscape is built around five functional use cases regarding SIEM technology: Threat Management, Compliance Management, Management of Security Events, SIEM Small Deployment, and Risk Management. Identify your own organization's alignment to these use-case scenarios using this tool. This tool contains:
  • A questionnaire for IT and business requirements
  • A results tab based on your answers to the questionnaire
If your responses indicate that you fit several use cases, focus on vendors that also fit those use cases.

Select a SIEM solution

  • Select and Implement a SIEM Solution – Phase 2: Select a SIEM Solution


This phase of the Select and Implement a SIEM Solution blueprint will help you:
  • Produce your vendor shortlist.
  • Select your SIEM solution.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.

  • SIEM RFP Template

A Request for Proposal (RFP) is a formal invitation issued by an organization asking interested vendors to submit written proposals meeting a particular set of requirements. This RFP template comes populated with crucial selection considerations including:
  • The Statement of Work
  • Proposal Preparation Instructions
  • Scope of Work, Technical Specifications, and Functional Requirements
  • Vendor Qualifications & References
  • Budget & Estimated Pricing
  • Vendor Certification
A detailed RFP saves time in the selection process and ensures that you select the best solution for the organization.

  • SIEM Suite Evaluation and RFP Scoring Tool

A key component of any evaluation is a Request for Proposal (RFP). Gathering and scoring the various responses to an RFP can be difficult and time consuming. This tool enables enterprises to evaluate and compare the results of an RFP process quickly and easily.
Use this tool to:
  • Determine each feature's level of importance to your organization.
  • If not using an RFP process, shortlist vendors with this tool.
  • Score and compare potential SIEM solution RFP responses.

  • SIEM Vendor Shortlist and Detailed Analysis Tool

This tool allows enterprises to profile their Security Information & Event Management (SIEM) requirements and generate a rank-ordered vendor shortlist from a fixed list of vendors. Vendor profiles are based on Info-Tech’s recent in-depth review of the SIEM market. The tool includes:
  • Variable prioritization for product suitability based on features, usability, affordability, and architecture.
  • Variable prioritization for vendor suitability based on viability, strategy, reach, and channel.
  • An automatically generated customized vendor landscape based on prioritization of each suitability factor.
Use this tool to narrow the vendors to a shortlist tailored to your organization’s requirements, then send out RFPs and schedule vendor demonstrations.

  • SIEM Vendor Demo Script

This template is designed to provide Security Information & Event Management (SIEM) vendors with a consistent set of instructions, ensuring an objective comparison of product features – all while evaluating ease of use, and ease of setup and configuration.
The template is pre-built with five common scenarios to leverage:
  • Log source configurations
  • Event correlation, alerting, log analysis, and incident management
  • Reporting features
  • Dashboard and access control features
  • Data management
  • Full threat visibility
  • Scalability
Vendor demonstrations are essential in order to evaluate SIEM user experiences. Allowing vendors to run the demonstration without your guidance will only highlight their strengths.

Plan the SIEM implementation

  • Select and Implement a SIEM Solution – Phase 3: Plan the SIEM Implementation

This phase of the Select and Implement a SIEM Solution blueprint will help you:
  • Create an implementation plan.
  • Measure the value of your SIEM solution.
Use Info-Tech’s research to gain more insight into which vendors and products are appropriate for your business, and follow our implementation plan to ensure that you are set up for success.


For the above information, full credit goes to 


