Security Event and Information Management

Security information and event management (SIEM) combines security event management (SEM) and security information management (SIM) to secure a network. Together, these techniques allow relevant information collected from multiple systems and processes to be compared and aggregated so that it can be used in decision-making. Statistical measures and analytics help turn the facts about events into something logical and easier to comprehend. The relevant information pertaining to an event that is stored for review or later access is called a log. What is logged is usually determined by each device's defaults or by its customization. SIEM logs are usually much more comprehensive ...
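
The comparison and aggregation described above can be sketched in a few lines. This is an added example, not code from the book: the two log formats, the sample lines, the common event schema, and the threshold of three failures are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in two made-up formats (not real logs).
FIREWALL_LOG = [
    "2024-05-01T10:00:01Z action=deny src=203.0.113.7 dst=10.0.0.5 dport=22",
    "2024-05-01T10:00:02Z action=allow src=198.51.100.4 dst=10.0.0.8 dport=443",
    "2024-05-01T10:00:09Z action=deny src=203.0.113.7 dst=10.0.0.5 dport=3389",
]
AUTH_LOG = [
    "2024-05-01T10:00:03Z sshd: Failed password for root from 203.0.113.7",
    "2024-05-01T10:00:04Z sshd: Failed password for admin from 203.0.113.7",
    "2024-05-01T10:00:05Z sshd: Accepted password for alice from 198.51.100.4",
    "2024-05-01T10:00:06Z sshd: Failed password for bob from 192.0.2.33",
]
AUTH_RE = re.compile(r"^(\S+) sshd: (Failed|Accepted) password for (\S+) from (\S+)$")

def parse_firewall(line):
    ts, *pairs = line.split()  # timestamp first, then key=value fields
    kv = dict(p.split("=", 1) for p in pairs)
    outcome = "failure" if kv["action"] == "deny" else "success"
    return {"ts": ts, "source": "firewall", "src_ip": kv["src"], "outcome": outcome}

def parse_auth(line):
    """Map an sshd-style line onto the same schema; None if it does not match."""
    m = AUTH_RE.match(line)
    if not m:
        return None
    ts, verdict, _user, ip = m.groups()
    outcome = "failure" if verdict == "Failed" else "success"
    return {"ts": ts, "source": "auth", "src_ip": ip, "outcome": outcome}

def normalize(firewall_lines, auth_lines):
    events = [parse_firewall(l) for l in firewall_lines]
    events += [e for e in map(parse_auth, auth_lines) if e]
    return sorted(events, key=lambda e: e["ts"])  # one merged timeline

def aggregate(events):
    """Per source IP: failure count and which log sources reported failures."""
    summary = defaultdict(lambda: {"failures": 0, "sources": set()})
    for e in events:
        if e["outcome"] == "failure":
            summary[e["src_ip"]]["failures"] += 1
            summary[e["src_ip"]]["sources"].add(e["source"])
    return dict(summary)

def correlated(summary, min_failures=3):
    # IPs that failed in more than one log source, at or above the threshold
    return sorted(ip for ip, s in summary.items()
                  if len(s["sources"]) > 1 and s["failures"] >= min_failures)
```

Neither log alone singles out 203.0.113.7 at this threshold; only the merged view shows it failing at both the firewall and the login service.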
