Security information and event management
Security Information and Event Management (SIEM) combines two concepts, Security Information Management (SIM) and Security Event Management (SEM), for the real-time analysis of security alarms originating from applications and network components. SIEM thus serves an organization's computer security; it is a software product that can be installed centrally or used as a cloud service.
The term security information and event management (SIEM), coined in 2005 by Mark Nicolett and Amrit Williams of Gartner, includes:
- the ability of products to collect, analyze and present the data from network and security components
- dealing with security vulnerabilities
- operating system, database and application log files
- external dangers
- real-time alerts
Some SIEM providers are: ArcSight, Empow, Exabeam, LogPoint, LogRhythm, QRadar and Splunk.
Web links
- Computerwoche.de / ... - What distinguishes SIM and SEM from SIEM (April 23, 2013 by Matthias Maier) (Retrieved March 2, 2019).