Akbas, Ertugrul2025-03-262025-03-262024978-1-917204-06-4978-1-917204-07-12048-8602https://hdl.handle.net/20.500.14704/102823rd European Conference on Cyber Warfare and Security -- JUN 27-28, 2024 -- University Of Jyvskyl, Jyvaeskylae, FINLANDThis research paper explores the modern cybersecurity landscape, particularly focusing on the risks associated with SIEM products and SOC services. It underscores the critical issue of insufficient logging practices that compromise an organization's threat detection and response capabilities, thereby increasing the risk of security breaches. The importance of real-time log retention to address evolving digital threats is highlighted, with recommended retention periods from authoritative sources such as the White House, OWASP, MITRE, and SANS. The paper also addresses scalability challenges due to the exponential growth of log data, the necessity for effective correlation within SIEM systems for timely threat detection, and the importance of compliance with various standards and regulations to enhance security. This comprehensive analysis provides valuable insights for cybersecurity professionals, organizations, and policymakers.eninfo:eu-repo/semantics/closedAccessSecurity Information and Event Management; Log; SIEM; SOC; Cyber Security; Insufficient logging; Live Log; Hot Log; Log Loss; CorrelationConference Object26N/A1823WOS:001419654100003N/A