SIEM | Digital Chief Commander


SIEM (Security Information and Event Management) is a centralized collection of all security controls and efforts.

Our security subsystems can contain multiple controls such as firewalls, IDS/IPS, logs, IAM, etc.

Our system may also be spread across multiple zones, i.e., On-Premises and Cloud Premises.

One person looking at so many logs is ineffective. Many people looking at one log each is uneconomic.

Thus, SIEM brings all logs to a central repository, serving 2 distinct purposes:

SIEM Overview

To serve as the Chief Commander of our Security Systems, SIEM is loaded with the following systems:

The Real-time monitoring system allows us to view the data flow seamlessly in real time, thus helping us make timely decisions before we are compromised.

Centralised Logging and Detection Systems provide more than one utility:

SolarWinds Security Event Manager (https://www.tek-tools.com/security/best-siem-software)
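
The central-repository idea above, as an added example that is not part of the original post: constructed firewall, IDS and IAM log lines are normalized into one schema and correlated by source IP, a view none of the three logs gives on its own. The log formats, field names and the five-minute window are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines, one format per control (all formats are assumptions).
FIREWALL = ["2024-05-01T10:00:02Z DENY src=203.0.113.7 dst=10.0.0.5 dport=22",
            "2024-05-01T10:00:09Z ALLOW src=198.51.100.4 dst=10.0.0.8 dport=443"]
IDS = ['2024-05-01T10:01:10Z alert sig="SSH brute force" src=203.0.113.7']
IAM = ["2024-05-01T10:03:30Z login user=alice ip=203.0.113.7 result=failure",
       "2024-05-01T10:04:00Z login user=bob ip=198.51.100.4 result=success"]

PATTERNS = {  # control -> regex yielding timestamp, source IP and an action
    "firewall": re.compile(r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) src=(?P<ip>\S+)"),
    "ids": re.compile(r'^(?P<ts>\S+) (?P<action>alert) sig="[^"]*" src=(?P<ip>\S+)'),
    "iam": re.compile(r"^(?P<ts>\S+) login user=\S+ ip=(?P<ip>\S+) result=(?P<action>\w+)"),
}
SUSPICIOUS = {("firewall", "DENY"), ("ids", "alert"), ("iam", "failure")}

def normalize(control, line):
    """Map one raw line to the common schema, or None if it does not parse."""
    m = PATTERNS[control].match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return {"ts": ts, "control": control, "ip": m["ip"], "action": m["action"]}

def collect(sources):
    """Central repository: every parsable event from every control, time-ordered."""
    events = [normalize(c, l) for c, lines in sources.items() for l in lines]
    return sorted((e for e in events if e), key=lambda e: e["ts"])

def correlate(events, window=timedelta(minutes=5), min_controls=2):
    """Flag IPs with suspicious events from >= min_controls controls within window."""
    by_ip = defaultdict(list)
    for e in events:
        if (e["control"], e["action"]) in SUSPICIOUS:
            by_ip[e["ip"]].append(e)
    alerts = {}
    for ip, evs in by_ip.items():
        for i, first in enumerate(evs):  # evs is already time-ordered
            seen = {e["control"] for e in evs[i:] if e["ts"] - first["ts"] <= window}
            if len(seen) >= min_controls:
                alerts[ip] = sorted(seen)
                break
    return alerts

if __name__ == "__main__":
    repo = collect({"firewall": FIREWALL, "ids": IDS, "iam": IAM})
    print(correlate(repo))
```

Each control on its own shows one denied connection, one alert or one failed login; only the merged, time-ordered view ties them to the same source address.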

IT Regulations Compliance Systems are also part of some SIEMs and allow us to check whether our systems are compliant with specific IT regulations.

Difficulties with SIEM:

Swagat Jena

A learner trying new ventures. I wish to build skills and network by sharing knowledge. Feel free to comment suggestions on the posts.