DESIGNING AUTOMATED VULNERABILITY MANAGEMENT FRAMEWORKS USING SIEM, TENABLE, AND SPLUNK INTEGRATION

Abstract

This study was mostly about creating and testing an automated vulnerability management architecture that combined Security Information and Event Management (SIEM), Tenable vulnerability scanners, and Splunk analytics. By automating the procedures of collecting data, correlating events, and managing incidents, the framework's goal was to make it easier to find, analyze, and fix security holes in business networks. We tested the framework in a simulated network environment and found that it worked far better than traditional human methods at finding problems, responding quickly, and fixing them. The system also showed that it could easily handle networks of different sizes, which shows that it is ready for use in the real world. These results show how important it is to automate and integrate platforms to improve cybersecurity operations and lower the risk to businesses.