sbuckle9_cybr7930_homewrk2_siem
School
Kennesaw State University
Course
7930
Subject
Information Systems
Date
Dec 6, 2023
Memorandum
To: Evan Battaglia, CISO and IT Security team
From: Shanell Buckley, Security Consultant
Subject: Using Witfoo Precinct as security tool for DHHI (Diamond Hands Holdings Inc.)
Date: November 12, 2023
_____________________________________________________________________________________
Good evening IT Security team,
Included in this memorandum is a Summary, Scope, Cost and Benefits and Recommendation section as a
pitch to Diamond Hand Holdings Inc to help utilize Witfoo as our dominant security software system.
The purpose of this report is to provide a quick review of the software and the reasons why Witfoo has
advantages that will benefit our cost analysis and business continuity as well. With Witfoo headquarters
being located in Atlanta, it provides the opportunity to establish connections with other locally owned
corporations that utilize our services as well. That is a huge bonus that supports the report as well.
Sincerely,
Shanell Buckley
Security Consultant
Summary
Witfoo is a business corporation comprised of law enforcement, cybersecurity paraprofessionals,
and veterans of the armed forces. The mission of Witfoo is to help IT teams similar to DHHI
successfully turn cyberwarfare back on the negative population who cause harm to systems. After my
personal usage within the system, I can determine that the Witfoo program is very cost-effective and priced
at a reasonable rate for a small corporation like Diamond Hand Holdings Inc. The security team will
find plenty of scenarios throughout this summary.
After I completed an in-depth investigation and personal use of the Witfoo software, I was able to determine
how Witfoo functions and how it will support the mission of Diamond Hand Holdings Inc. While
investigating the system software, I was able to identify rates for a small business corporation like DHHI. I
also examined how Precinct first costs money and then will eventually save and lessen costs throughout other
departments. I found it quite hard to find reasoning to support how Witfoo would not support our
company mission and support the growth of the business.
All things considered, I believe that Witfoo is a thorough, safe, and responsive software. When I first
accessed the software, I was expecting to have to decrypt codes, but I then discovered it used Natural
Language Processing (NLP), which I will provide further details about in the report. Throughout my time in
Witfoo I was able to discover all types of infiltrations fast by either stopping them or altering the course of
the investigation. Overall, my experience in Witfoo will be discussed, and I will also provide further detail
about my personalized perspective on the Precinct in regard to Diamond Hand Holding Inc in my report.
While I could go into further detail about all the benefits that Witfoo has to offer, I would like to
primarily focus on a few of the crucial areas from various aspects throughout the research. This will
cover event reporting, artifacts, and the main expenses. In conclusion, I would like to offer a
recommendation to the Diamond Hand Holdings security team.
Scope
Diamond Hand Holdings Inc is an IS/IT consultant company that is currently a C-class
corporation that concentrates on network-related professional solutions, information security and
business continuity. This implies that to support our mission statement, it is imperative to have
Tier 1 security SIEM technologies. With the rapid growth and expansion within the last couple
of years, we have enhanced the business corporation's reputation. Businesses such as Witfoo
Precinct aim to help them develop into A-class enterprises. We will be able to earn profits while
maintaining our annual growth rate of 30%. Precinct will be able to offer support while directly
assisting performance fulfillment and future services.
Cost and Benefits
For the near future, DHHI intends to remain small in business size while still yielding success. We can
accomplish this by examining the price of the software for a business of our size. The annual cost is $80
per person, and we would deduct that from the employee’s paycheck. With the company's annual cost,
we accept the offer and will become a gold partner and finish the pre-purchase examination. The total
cost would be $3,011 with 40 full-time employees. This would be funded by Diamond Hand Holdings as
a part of its investment and staff members. The Precinct is accessible to less experienced or recent hires
who may not possess the skill set to understand how SIEM technology functions, in contrast to IT
specialists who have had years of experience and expertise. Should Diamond Hand Holdings choose to
expand, it would further reduce the annual cost of the software, because more volume and traffic is
seen favorably. Every year we would be able to calculate how much money Diamond
Hands Holding Inc can allocate to spend on a SIEM tool while also utilizing the artifacts to determine which
way is most cost-effective. The only area of significant cost that I encountered is the false
positives within the Cisco ASA Firewall and Stealthwatch tool.
Recommendations
Witfoo Precinct is the best cybersecurity platform and I highly suggest it. Security orchestration,
automation and response (SOAR) technology is one of the high-demand features. It aids the less
skilled professionals so they can plan and execute projects that include many individuals and different
technologies within one platform. Incidents within the software are analyzed and evaluated through a
suspicious score system, then assessed for intrusion strategies like phishing, ransomware, and fraud. In
addition, there are also visuals provided, often referred to as node graphs, that utilize symbols such as red
lines or edges that denote any modified computers and how frequently they connect with each
other.
Witfoo could also wipe a node in its entirety to stop infection after inspection. The suspected
group will be labeled as such, and the information would then be turned over to the authorities to
further handle the situation. Please see the figure included below that displays the connection
between the affected computer systems.
Another great aspect of the tool is the “Report” tab that provides checks and balances within the
security network by maintaining the score and the overall health within the company's security
operations system. Here at DHHI we like the capability of being able to monitor anything from
operational efficiency to having an extensive summary of all corporate investigation incidents of
FTE numbers as well.
All of the tools are blueprints for data processing, or what Witfoo often refers to as “Artifacts”.
Semantic framing is a concept within Natural Language Processing (NLP) and is a source
point for each aspect. Each tool provides a detailed account of the files, users and hosts that are all
connected to the frame, along with information about the service of the products where the
message originally began. The data can be located by utilizing the search bar's artifacts tab.
In conclusion, I wholeheartedly endorse purchasing Witfoo Precinct as our primary SIEM tool. It
is easily accessible while also offering a wide range of capabilities to increase production
without requiring an abundance of resources. Witfoo shows advantages to our corporate
workforce and security team here at DHHI. I have no doubt that this technology will coincide
well with our company’s mission statement, resources, and offerings. This is the right choice and
will benefit everyone soon.