SIEM is Security Systems’ “BIG BOSS”

July 13, 2016


SIEM is like the choirmaster of all your security devices. On their own, the other systems each cover only the following:

  • An intrusion detection system (IDS) only understands protocols, packets and IP addresses.
  • Asset management systems track apps, owners and business processes.
  • Service logs show configuration changes, logins and service activities.
  • Endpoint security takes care of hosts, usernames and files.

But the catch is that none of these security systems, on its own, can make you aware of what is happening to your business in terms of bull's-eye security and the continuity of business processes. Once all of them come together, the “Rock & Roll” happens.

This is what SIEM does. It sits on top of all your security devices as a management layer, then connects, correlates and unifies their data, bringing all event data into one logical view on a single platform where it can be analyzed and cross-referenced. The bottom line is: “The more data you put in your SIEM tool, the more powerful it becomes.”
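An added example, not from the original article: a minimal Python sketch of the correlation step described above, joining constructed sample events from the four source types listed earlier into one incident view. The field names, the 10-minute window and the scoring are assumptions for illustration, not any SIEM product's schema.

```python
from datetime import datetime, timedelta

# Constructed sample events, one feed per source type named in the article.
IDS = [{"ts": "2016-07-13T10:00:05", "dst_ip": "10.0.0.12", "sig": "SQL injection attempt"},
       {"ts": "2016-07-13T11:30:00", "dst_ip": "10.0.0.40", "sig": "Port scan"}]
ASSETS = {"10.0.0.12": {"host": "web01", "owner": "ecommerce-team", "process": "online orders"},
          "10.0.0.40": {"host": "print01", "owner": "facilities", "process": "office printing"}}
SERVICE = [{"ts": "2016-07-13T10:02:10", "host": "web01", "event": "login", "user": "svc_backup"},
           {"ts": "2016-07-13T10:03:00", "host": "web01", "event": "config_change", "user": "svc_backup"},
           {"ts": "2016-07-13T08:00:00", "host": "print01", "event": "login", "user": "alice"}]
ENDPOINT = [{"ts": "2016-07-13T10:04:30", "host": "web01", "user": "svc_backup", "file": "/tmp/dump.sql"}]

WINDOW = timedelta(minutes=10)  # assumed correlation window after the IDS alert
UNKNOWN = {"host": None, "owner": "unknown", "process": "unknown"}


def _t(event):
    """Parse an event's ISO-8601 timestamp."""
    return datetime.fromisoformat(event["ts"])


def _following(events, host, start):
    """Events on `host` that occur within WINDOW after `start`."""
    return [e for e in events if e["host"] == host and start <= _t(e) <= start + WINDOW]


def correlate(ids=IDS, assets=ASSETS, service=SERVICE, endpoint=ENDPOINT):
    """Join each IDS alert with asset context and follow-on host activity."""
    incidents = []
    for alert in ids:
        # IP -> host/owner/process; alerts on unknown assets are kept, not dropped.
        asset = assets.get(alert["dst_ip"], UNKNOWN)
        start = _t(alert)
        svc = _following(service, asset["host"], start)
        files = _following(endpoint, asset["host"], start)
        # Each additional source with evidence raises the score; IDS alone = 1.
        score = 1 + bool(svc) + bool(files)
        incidents.append({"signature": alert["sig"], "host": asset["host"],
                          "owner": asset["owner"], "business_process": asset["process"],
                          "users": sorted({e["user"] for e in svc + files}),
                          "files": [e["file"] for e in files], "score": score})
    return sorted(incidents, key=lambda i: i["score"], reverse=True)


if __name__ == "__main__":
    for incident in correlate():
        print(incident)
```

The IDS alert alone knows only an IP address; after the join, the top incident carries the host, owner, affected business process, user and file, which is the cross-referenced view no single source provides.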

Having said that, enjoy the music from your choirmaster.


Questions? Post them in the comments section below.

  1. We are implementing a SIEM right now, and the solution we chose, they do not seem to understand correlation… It's been very frustrating because during our POC, correlation is what they said they were good at.

  2. Just want to share that I have used Accelops as our SIEM before, and I find it nice to use since the UI is straightforward and you can easily generate reports.

  3. This is nice to read. Thanks
