Educause Security Discussion mailing list archives

Re: SIEM questions.


From: "Perez, Roberto" <Roberto.Perez () LMU EDU>
Date: Thu, 13 May 2021 22:32:20 +0000

Jonathan,

At LMU we currently have Splunk ES, managed by a third party (expensive), and I’m currently moving us to a 
different MSSP (https://www.oculusit.com/security-operations-center/), and as part of their services they use Elastic 
as their SIEM (open-source).  We will still keep Splunk for now until our current contract expires and then determine 
if it makes sense to move over completely or look at others like Rapid7’s InsightIDR, which I really like as well.

Feel free to reach out directly if you want to hear more details.


Roberto Perez, CISSP, CISM, CDPSE, Cybersecurity Audit
Director, Information Security and Compliance
Information Technology Services<https://its.lmu.edu/>


Daum Hall
1 LMU Drive
Los Angeles, CA 90045-2659
www.lmu.edu<http://www.lmu.edu/> | Privacy + Legal<http://www.lmu.edu/copyright/>

Office
310.258.5489<tel:+13102585489>
Email
roberto.perez () lmu edu<mailto:roberto.perez () lmu edu>





From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Kimmitt, 
Jonathan" <jonathan-kimmitt () UTULSA EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Thursday, May 13, 2021 at 11:32 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] SIEM questions.

Reposting from the CIO group email for my CIO:

Happy Thursday,

Smaller institutions with pandemic-minded budgets, do you have a SIEM you’re using that is quality, provides insightful 
reporting and is either easy to manage OR managed externally? That you would recommend? (I’ll take warnings too!)

We’re looking to make a change within the next 12-18 months and I could use honest feedback on solutions, experience, 
cost, dedicated headcount support. Can email me directly:

Thanks much,


-Jonathan



~
Jonathan Kimmitt
CISSP, FIP, CDPSE, CIPP/E, CIPM, CIPT,
OTCP,GLEG, GPEN, GSNA, PCIP, CEH
Chief Information Security Officer
Information Technology
The University of Tulsa
918.631.2743


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community


