SIEM

To give you the simplest answer, SIEM (Security Information and Event Management) is defined as a complex set of technologies brought together to provide a holistic view into a technical infrastructure. Depending on who you talk to, there are about five different popular opinions on what the letters stand for.

Looking at the 10 layered security stack, with the notion of managing all of it, is enough to make you lose your hair! However, it’s not a train – there is light at the end of the tunnel. That light has come to be known as the SIEM.

• SIEM Features
  • SIEM Requirements
  • SIEM is good to address Advance Persistent Threats
• SIEM Usage
• SIEM Technology

Usage

• System information and event management (SIEM) systems can identify incidents or potential incidents, prioritize according to potential impact, track incidents until they are closed and provide substantial trend analysis over time.

Links

• https://www.tripwire.com/state-of-security/incident-detection/log-management-siem/what-is-a-siem/

Related

• SOC