Highlighted
younuspatel Absent Member.
Absent Member.

Re: List of Sample Use Cases Draft version

Hello Balahasan,

Thanks for reply,

i will go through it.

Currently i have to create a dashboard for all device patch updates. Could you guide me please

regards,

younus

0 Likes
sandeepu Absent Member.
Absent Member.

Re: List of Sample Use Cases Draft version

Thank you Sujan and Balahasan

0 Likes
philip.clough@h Absent Member.
Absent Member.

Re: List of Sample Use Cases Draft version

Hey Mike,

thank you, the example of your approach was very helpful.

I know it's been a while back, but above you stated that there are many approaches to building use cases. Is there any way of you sharing or pointing out some of the other approaches? I am specifically looking for published sources such as whitepapers, books or journal articles.

So far the only (scientific) source I found was a whitepaper from SANS:

https://www.sans.org/reading-room/whitepapers/auditing/effective-case-modeling-security-information-event-management-333…

Thank you for your help!

Cheers and regards,

Philip

0 Likes
mike_of_many Trusted Contributor.
Trusted Contributor.

Re: List of Sample Use Cases Draft version

Philip,

While the whitepaper you mention touches on them the primary method if I recall they term "the Top Down, Bottom Up, Middle out"

As for published sources, I will have to look but I recall a book or a paper "Creating Effective Use Cases for SIEM" which has Use Cases created from Risk, Anton Chuvakin on his own then at the Gardner blog has some good write ups on creating Use Cases, from compliance needs, visibility needs, and just general creation workflows.

Otherwise, scientifically I'm not sure there are other sources. I'll keep an eye out.

Personally, I feel that when I talk to Nitro ESM guys, they talk a lot about creating time based and standard deviation based Use Cases. As that's a strength in the Nitro engine. So that's another place to look about approaches to building Use Cases as different strengths will usually require different approaches.

Mike

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.