International partners release three publications to guide SIEM and SOAR deployments. Credit: Tero Vesalainen / Shutterstock The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has joined New Zealand’s National Cyber Security Centre (NCSC) and other international partners to boost enterprise cyber security. The partners have released three publications on implementing security information and event management (SIEM) and security orchestration, automation and response (SOAR) platforms. The guidance defines SIEM and SOAR platforms, explains their value and also their challenges and provides high-level recommendations for implementing them. While targeted at executives, the guidance can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR, the partners said. The publications also provides high-level guidance for cyber security practitioners and describes how a SIEM and SOAR can enhance visibility, detection and response, as well principles for procurement, establishment and maintenance of the platforms. The advice further provides practitioners with detailed logging guidance for specific categories of log sources, such as from endpoint detection and response tools, Windows/Linux operating systems, network devices and cloud deployments. SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe