Chisom Alozie empowers women in cybersecurity with SIEM skills

 

By Kareem Islamiyat

 

At the Women in Cybersecurity Speaker Moment in Dallas, US, cybersecurity specialist Chisom Elizabeth Alozie turned a routine tech talk into a wake‑up call for women in cybersecurity, showing them how to pinpoint their biggest digital weak spots before ever installing a Security Information and Event Management (SIEM) tool.

Speaking to tech professionals at the event on 20 July 2024, she revealed how home SIEM platforms like the open‑source Wazuh can watch over laptops, phones, and smart devices only after every gadget on the network is mapped and its internet‑facing services clearly understood.

Alozie drove home the message that the real starting point for cyber defense is knowing exactly what needs protection, transforming SIEM from an intimidating enterprise system into a simple, powerful shield for the home.

She warned that overlooked issues, such as outdated remote desktop ports, badly secured Wi‑Fi, and unpatched smart devices, are often the very doors attackers walk through, urging her audience to close those gaps before it is too late.

She connected these weaknesses to threats such as ransomware, credential theft, data leaks, and brute-force attacks, helping attendees see how abstract cybersecurity threats translate into real risks for their everyday digital lives.

With 16 years of experience in tech and cybersecurity, Alozie advised that clearly defining security goals, such as protecting privacy, preventing data breaches, and keeping important services online, is crucial before choosing a solution.

Once participants understood their own risk landscape, says Alozie, the focus shifted to selecting a suitable SIEM tool by weighing capability, cost, and ease of use.

While comparing open-source solutions like Graylog, the ELK stack, AlienVault OSSIM, and Wazuh, she further noted that they provide strong log collection, dashboards, and correlation rules without requiring expensive licenses.

According to Alozie, these options support both learning and practical experimentation for individuals and those early in their cybersecurity careers. In contrast, commercial and cloud-based products such as Splunk, LogRhythm, SolarWinds, Azure Sentinel, and Google Cloud Chronicle deliver advanced analytics and managed services, yet are often too costly for home use.

She highlighted Wazuh as a balanced choice because it is open-source, rich in features, and favored in industry settings, so the skills learned in a home lab are directly transferable to the workplace.

Alozie’s session included a detailed walk-through of setting up Wazuh in a home lab, demonstrating server provisioning, component installation, and connecting devices so that data flows into the monitoring platform.

She further explained that SIEM value increases as more sources are integrated. A robust SIEM deployment gathers logs not just from operating systems, but also from network devices, web applications, antivirus programs, intrusion detection systems, and cloud services.

By correlating alerts across multiple sources, Alozie showed how SIEM technology can reveal attack patterns that would remain invisible if each system were monitored separately.

Alozie urged attendees to tame “alert fatigue” by tuning their home SIEMs to highlight only high‑impact events, such as repeated failed logins, privilege‑escalation attempts, and malware detections.

The speaker also walked participants through how a SIEM can piece together small clues, like suspicious processes, risky IP connections, and unusual logins, to tell the full story of an attack, from the initial compromise to lateral movement and attempted data theft.

Using frameworks such as MITRE ATT&CK as a reference, she showed how tools like Wazuh help map these behaviors to known attacker techniques, making investigations more structured and less intimidating.

She listed a simple five‑step incident‑response flow anchored on SIEM alerts: detect, analyze, contain, eradicate, and recover. In her example, she said, “The SIEM raises an alert, the user validates it and scopes the impact, isolates affected devices or blocks bad IPs, cleans up malware and fixes vulnerabilities, then restores normal operations and updates SIEM rules based on lessons learned.”

To keep protections effective over time, Alozie stressed the need for regular maintenance: updating the SIEM and connected tools, pruning old logs, and tuning rules as the home environment changes.

She reminded attendees that strong passwords, multi‑factor authentication, and user awareness remain the first line of defense, with SIEM serving as a powerful companion rather than a replacement for basic cyber hygiene.

 
