{"id":1324,"date":"2022-02-24T05:03:32","date_gmt":"2022-02-24T05:03:32","guid":{"rendered":"https:\/\/ciberseguridad.situada.online\/index.php\/about\/"},"modified":"2024-04-06T05:55:28","modified_gmt":"2024-04-06T03:55:28","slug":"proyecto","status":"publish","type":"page","link":"https:\/\/ciberseguridad.situada.online\/en\/proyecto\/","title":{"rendered":"About the Project"},"content":{"rendered":"
\n

About the Project<\/h1><\/div>\n<\/div><\/div>\n\n\n\n
\n

Project description<\/strong><\/h3><\/div>

Este proyecto surge del Trabajo de Fin de M\u00e1ster (TFM) del Master en Ciberseguridad, titulado \u00abMetodolog\u00eda para la implementaci\u00f3n de un SIEM open-source robusto en organizaciones de la Administraci\u00f3n P\u00fablica\u00bb

The main objective of the research is to develop a detailed methodology for implementing a robust open-source SIEM (Security Information and Event Manager) in government organizations. Using innovative approaches and open-source tools, it seeks to improve public sector entities' cybersecurity posture and protect critical infrastructures and citizens' data.<\/p><\/div><\/div>\n<\/div><\/div>\n\n\n\n

\n

Background<\/strong><\/h2><\/div>\n\n\n\n
<\/div>

These studies are essential because they explore how implementing open-source tools in public organizations with budget constraints and limited resources can be critical to addressing cybersecurity challenges in Latin America and the Caribbean (LAC). Given technology's growing role in government management, understanding how these tools can strengthen cyber defenses and protect critical data is essential to ensuring security and trust in digital services.<\/p><\/div><\/div>\n<\/div><\/div>\n\n\n\n

<\/div><\/div>\n\n\n\n
\n
\n
<\/path><\/svg><\/div>

Implementing a Robust Open-Source SIEM: A Methodology for Strengthening Public Sector Cyber Defense<\/strong><\/strong><\/h3><\/div>

This study presents a methodology for implementing an open-source tool to strengthen cyber defense in response to growing cybersecurity challenges in public administration. It highlights the advantages of open-source software in terms of cost and flexibility, especially given the budgetary constraints and lengthy administrative processes that hinder technology adoption in many LAC countries. In addition to implementation, other open-source solutions are integrated to extend cybersecurity capabilities, thus providing a holistic approach to addressing threats in the digital environment.
<\/p>

Read more<\/span><\/path><\/svg><\/a><\/div><\/div><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n
<\/div>\n\n\n\n
\n
\n
<\/path><\/svg><\/div>

Resource 1<\/strong>: Glossary<\/strong><\/h3><\/div>

The glossary defines key cybersecurity terms for implementing SIEM (Security Information and Event Management). <\/p>

Read more<\/span><\/path><\/svg><\/a><\/div><\/div><\/div>\n<\/div>\n\n\n\n
<\/path><\/svg><\/div>

Resource 2<\/strong>: Manual<\/strong><\/h3><\/div>

The user manual provides detailed instructions and case studies for using the open-source SIEM. Its clear and straightforward steps guide users through monitoring and managing the SIEM to strengthen cyber defense.<\/p>

Read more<\/span><\/path><\/svg><\/a><\/div><\/div><\/div>\n\n\n\n
\n
<\/path><\/svg><\/div>

Resource 3: Guide<\/strong><\/h3><\/div>

The practical guide provides a step-by-step approach to implementing Wazuh SIEM in government organizations. From scope definition to integration with other tools, this guide provides detailed guidance to ensure a robust, sustainable, and successful implementation of open-source SIEM.<\/p>

Read more<\/span><\/path><\/svg><\/a><\/div><\/div><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n
<\/div><\/div>\n\n\n\n
\n
\n
<\/path><\/svg><\/div>

General Objective<\/strong><\/h3><\/div>

This project aims to improve organizations' cybersecurity posture for detection, response, and protection against cyber threats by creating a methodology for implementing an effective open-source SIEM tool.<\/p><\/div><\/div>\n<\/div>\n\n\n\n

\n
<\/path><\/svg><\/div>

Specific Objectives<\/strong><\/h3><\/div>

1. Research current best practices and approaches to implementing SIEM systems, including using resources such as a glossary to ensure an understanding of key terms.

2. Design a detailed methodology that covers the entire process, from planning and integration to ongoing management of an open-source SIEM in organizations. The methodology should include developing resources such as a user manual and a guide to facilitate the tool's operation and configuration.

3. Test and validate the proposed methodology in simulated and real-world environments to evaluate its effectiveness and feasibility in different organizational contexts, using resources such as a comprehensive guide to orient the process.

4. Provide specific recommendations to improve the implementation and management of open-source SIEM, emphasizing resource optimization and leveraging existing resources.<\/p><\/div><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n

<\/div><\/div>\n\n\n\n
\n

Findings and Results Achieved<\/strong><\/strong><\/h2><\/div>\n\n\n\n

Implementing a Robust Open-Source SIEM: A Methodology for Strengthening Public Sector <\/strong><\/strong>Cyber Defense<\/strong><\/p>\n\n\n\n

    \n
  • The project proposes a sound methodology for implementing a robust open-source SIEM in public organizations, highlighting Wazuh as the most suitable tool.<\/li>\n\n\n\n
  • The proposed methodology prioritizes defining the scope and requirements for deploying the tool within any organization's infrastructure.<\/li>\n\n\n\n
  • Se destaca la optimizaci\u00f3n del SIEM Wazuh como una \u00abherramienta robusta\u00bb mediante la integraci\u00f3n de otras soluciones de c\u00f3digo abierto que a\u00f1aden capacidades adicionales de ciberseguridad. Esta estrategia enfatiza la importancia de mejorar sistemas existentes en lugar de crear nuevos, lo que contribuye a una soluci\u00f3n m\u00e1s sostenible a largo plazo.<\/li>\n\n\n\n
  • The importance of training the cybersecurity team for proactive detection and response is stressed.<\/li>\n<\/ul>\n<\/div><\/div>\n\n\n\n
    \n
    <\/div>\n<\/div><\/div>\n\n\n\n
    <\/div>\n\n\n\n
    \n
    \n

    Resource 1: Glossary<\/strong><\/p>\n\n\n\n

      \n
    • The glossary clarifies technical cybersecurity terms, making them accessible to all users.<\/li>\n\n\n\n
    • It promotes a common language within the project, facilitating collaboration and information sharing.<\/li>\n\n\n\n
    • The digital format of the glossary makes it easily accessible to all users, anytime, anywhere.<\/li>\n<\/ul>\n<\/div>\n\n\n\n
      \n

      Resource 2: Manual<\/strong><\/p>\n\n\n\n

        \n
      • The user manual covers all functionalities of the open-source SIEM, guiding users on its correct operation.<\/li>\n\n\n\n
      • Use case examples to help users understand how to apply SIEM functionalities in real situations.<\/li>\n\n\n\n
      • The manual presents clear and concise instructions, facilitating its use by users with different levels of technical experience.<\/li>\n<\/ul>\n<\/div>\n\n\n\n
        \n

        Resource 3: Guide<\/strong><\/p>\n\n\n\n

          \n
        • It facilitates fast and efficient implementation of the open-source SIEM, even for users with limited technical experience.<\/li>\n\n\n\n
        • The guide equips users to configure a robust SIEM that can be adapted to address their organization's specific security challenges.<\/li>\n\n\n\n
        • The guide facilitates the integration of the SIEM with other existing security tools, maximizing its potential.<\/li>\n<\/ul>\n<\/div>\n<\/div><\/div>\n\n\n\n
          <\/div><\/div>\n\n\n\n
          \n

          Impact and Conclusions<\/strong><\/strong><\/strong><\/strong><\/h2><\/div>\n<\/div><\/div>\n\n\n\n
          \n
          <\/div>

          The research findings demonstrate that the proposed methodology for implementing an open-source SIEM, supported by complementary resources, can significantly improve cybersecurity in public sector organizations.

          By highlighting the importance of collaboration and efficient use of resources, the proposed methodology avoids duplication of effort and fosters the creation of long-term sustainable solutions.

          The resources provided, such as the glossary of terms, user manual, and practical guide, facilitate the understanding and use of SIEM, enabling organizations to take full advantage of its capabilities.

          This study empowers public organizations by offering a comprehensive roadmap to successfully implement an open-source SIEM, bolstering their defenses against cyber threats and enhancing the protection of critical information.<\/p><\/div><\/div>\n<\/div><\/div>\n\n\n\n

          <\/div><\/div>","protected":false},"excerpt":{"rendered":"

          Proyecto Antecedentes Hallazgos y Resultados Alcanzados Implementaci\u00f3n de un SIEM Robusto de C\u00f3digo Abierto: Una Metodolog\u00eda para reforzar la Ciberdefensa del Sector P\u00fablico Recurso 1: Glosario Recurso 2: Manual Recurso 3: Gu\u00eda Impacto y Conclusiones<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"no-sidebar","site-content-layout":"page-builder","ast-site-content-layout":"full-width-container","site-content-style":"unboxed","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"disabled","ast-breadcrumbs-content":"","ast-featured-img":"disabled","footer-sml-layout":"","theme-transparent-header-meta":"enabled","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-gradient":""}},"footnotes":""},"uagb_featured_image_src":{"full":false,"thumbnail":false,"medium":false,"medium_large":false,"large":false,"1536x1536":false,"2048x2048":false,"trp-custom-language-flag":false},"uagb_author_info":{"display_name":"ximenamar04","author_link":"https:\/\/ciberseguridad.situada.online\/en\/author\/ximenamar04\/"},"uagb_comment_info":0,"uagb_excerpt":"Proyecto Antecedentes Hallazgos y Resultados Alcanzados Implementaci\u00f3n de un SIEM Robusto de C\u00f3digo Abierto: Una Metodolog\u00eda para reforzar la Ciberdefensa del Sector P\u00fablico Recurso 1: Glosario Recurso 2: Manual Recurso 3: Gu\u00eda Impacto y Conclusiones","_links":{"self":[{"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/pages\/1324"}],"collection":[{"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/comments?post=1324"}],"version-history":[{"count":44,"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/pages\/1324\/revisions"}],"predecessor-version":[{"id":2095,"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/pages\/1324\/revisions\/2095"}],"wp:attachment":[{"href":"https:\/\/ciberseguridad.situada.online\/en\/wp-json\/wp\/v2\/media?parent=1324"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}