SOC Experts Community - Beta
0 like 0 dislike
in SIEM by (1.8k points)

2 Answers

1 like 0 dislike
by (4.1k points)

Wireshark intercepts traffic and converts that binary traffic into human-readable format. This makes it easy to identify what traffic is crossing your network, how much of it, how frequently, how much latency there is between certain hops, and so forth.

SIEM tools provide real-time analysis of security alerts generated by applications and network hardware. Vendors sell SIEM as software, as appliances or as managed services; these products are also used to log security data and generate reports for compliance purposes.

So we can't use Wireshark as a SIEM tool.

0 like 0 dislike
by (5.4k points)
Wireshark is a sniffing tool only used for packet capturing.

A SIEM tool monitors critical network devices, generating notifications when unauthorized changes occur, and detects problems before they become breaches.
