Understanding SIEM

Security Incident and Event Management (SIEM) is a process that helps cyber security implementation by gathering security-related information (network and application logs for example) at a centralized location or tags those information assets at the edge (the location where the data is generated in the case of IoT) and uses this information for identification of anomalies which indicates breaches to the security infrastructure of an enterprise.

The SIEM also facilitates continuous monitoring of the security infrastructure by providing intuitive visualization dashboards. SIEM as a process is implemented as a suite of software which is governed by enterprise security with role-based access control. The common characteristic ...

Get Artificial Intelligence for Big Data now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.