Dezible

Hello! My name is Aditya Bhardwaj.

Dezible is a project where I build a SIEM from scratch.

What is a SIEM, you might ask? The following is a nice definition¹.


Security Information and Event Management (SIEM) is an essential tool that collects, stores, and performs log management and analyzes extensive volumes of log data from across an organization’s network, generating security alerts when needed.

Every SIEM does five fundamental things:

  • Data collection and normalization
  • Storage and indexing
  • Detection and analysis
  • Response and orchestration
  • Intelligence and visualization

With these capabilities, security teams can assess, triage and respond to security events.
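As an added illustration of the capabilities listed above (example code, not part of the Dezible project), the Python sketch below wires three of them together over constructed sshd log lines: normalization into a common event schema, an in-memory index keyed by source address, and a detection rule that raises an alert. The sample lines, the schema fields and the rule threshold are all assumptions made for this example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sshd syslog lines (not real data): the "data collection" input.
SAMPLE_LOGS = [
    "Mar  1 10:00:01 host1 sshd[100]: Failed password for root from 203.0.113.5 port 5000 ssh2",
    "Mar  1 10:00:03 host1 sshd[101]: Failed password for admin from 203.0.113.5 port 5001 ssh2",
    "Mar  1 10:00:04 host1 sshd[102]: Accepted password for alice from 192.0.2.10 port 6000 ssh2",
    "Mar  1 10:00:05 host1 sshd[103]: Failed password for root from 203.0.113.5 port 5002 ssh2",
    "Mar  1 10:20:00 host1 sshd[104]: Failed password for root from 203.0.113.5 port 5003 ssh2",
]

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+) port \d+"
)

def normalize(line, year=2024):
    """Normalization: map one raw syslog line onto a common event schema (assumed fields)."""
    m = LINE_RE.match(line)
    if not m:
        return None  # dropped here; a real SIEM would keep unparsed lines as raw events
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m["host"], "user": m["user"], "src_ip": m["src"],
            "outcome": "failure" if m["outcome"] == "Failed" else "success"}

def index_events(events):
    """Storage and indexing: an in-memory inverted index keyed by source IP."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev["src_ip"]].append(ev)
    return by_src

def detect_bruteforce(by_src, threshold=3, window=timedelta(minutes=5)):
    """Detection: alert when one source logs >= threshold failures inside a sliding window."""
    alerts = []
    for src, evs in by_src.items():
        fails = sorted(e["ts"] for e in evs if e["outcome"] == "failure")
        start = 0
        for end in range(len(fails)):
            while fails[end] - fails[start] > window:
                start += 1  # slide the window forward past stale failures
            if end - start + 1 >= threshold:
                alerts.append({"rule": "ssh_bruteforce", "src_ip": src,
                               "count": end - start + 1, "first": fails[start], "last": fails[end]})
                break  # one alert per source is enough for this demonstration
    return alerts

def run_pipeline(lines):
    """Collect -> normalize -> index -> detect, returning the alerts raised."""
    events = [e for e in map(normalize, lines) if e]
    return detect_bruteforce(index_events(events))
```

The failure at 10:20 falls outside the five-minute window, so only the three early failures from 203.0.113.5 trigger the rule; the successful login from 192.0.2.10 produces no alert.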

I do not want to re-invent the wheel, but rather gain insight into the components that make up a SIEM.

LLMs and AI agents will be useful in extending the capabilities of such a SIEM, though the first goal is to work out the basics.


Dezible is work in progress.

Found it interesting?

Connect with me here: LinkedIn and Google Scholar