| Name: | Description: | Size: | Format: |
|---|---|---|---|
| | | 273.47 KB | Adobe PDF |
Authors
Advisor(s)
Abstract(s)
The University of Lisbon (ULisboa) is the largest university in Portugal, and as a diverse
ecosystem, it stores a vast range of confidential information, from financial and academic data to
personal information of students, faculty, and staff. With the increasing proliferation of devices
and technological services within the university environment, such as academic information management systems, learning portals, wireless networks, and institutional emails, the attack surface
for potential threats becomes broad and varied.
The evolution of cyberattacks, characterized by greater sophistication and complexity, demands that organizations continuously adapt their security strategies. ULisboa faces a scenario
where rigorous control of its IT services and assets is imperative, due to the rise in threats such as
social engineering, advanced malware and the use of artificial intelligence.
The growing number of security events generates a significant overload on security teams,
which is further exacerbated by the lack of automation in responding to these events. This overload
of alerts can lead to potential failures in triaging critical alerts.
Implementing an automated security event response system is crucial to filtering and prioritizing events, reducing manual labor, and minimizing the risk of human error. This system will
increase the efficiency and speed of incident response, allowing security teams to focus on strategic and complex tasks. Furthermore, an automated system can handle large volumes of events,
offering a scalable solution for the future.
In summary, the goal of this project is to implement a system for automating the security event
response process at ULisboa, which is essential to improve the efficiency, speed, and effectiveness
of incident responses, contributing to a more secure and resilient IT environment.
Description
Master's project work, Informatics Engineering, 2024, Universidade de Lisboa, Faculdade de Ciências
Keywords
Automation, Security, SOAR, SIEM, IT, Master's project works - 2024
