Date: 2021-09-10

About SIEM

A security information and event management (SIEM) solution collects security data from across the entire organizational infrastructure: host systems, applications, networks, and security devices. This makes it a one-stop solution for viewing all security data across the entire organization. SIEM solutions can:

Analyze data for potential threats, vulnerabilities, and attack patterns, and then alert other security controls to stop potential attacks from progressing

Detect cyber attacks and stop them from happening

Leverage machine learning (ML) and deep learning techniques to use data gathered from previous events to improve the accuracy of threat prediction

SIEM tools are composed of two parts. A security event manager collects real-time event data such as failed login attempts and log tampering attempts, and a security information manager is responsible for long-term data retention and analysis.
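
The two-part split described above, sketched as an added example that is not part of the original article: an event manager evaluates each event as it arrives, while an information manager retains everything for later analysis. The log format, the event names (`failed_login`, `log_cleared`), the threshold of three failures per minute, and the class names are all assumptions made for illustration.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta
# Constructed sample lines in a made-up key=value format (not real logs).
SAMPLE_LOGS = """\
2021-09-10T08:00:01 web01 sshd failed_login user=admin src=203.0.113.7
2021-09-10T08:00:09 web01 sshd failed_login user=admin src=203.0.113.7
2021-09-10T08:00:15 web01 sshd failed_login user=root src=203.0.113.7
2021-09-10T08:03:40 db01 auditd log_cleared file=/var/log/auth.log user=svc
2021-09-10T09:30:00 web01 sshd failed_login user=bob src=198.51.100.4
"""

def parse(line):
    ts, host, _app, kind, *rest = line.split()
    return {"ts": datetime.fromisoformat(ts), "host": host, "kind": kind,
            **dict(kv.split("=", 1) for kv in rest)}

class EventManager:
    """SEM side: checks each event as it arrives and returns an alert or None."""
    def __init__(self, threshold=3, window=timedelta(minutes=1)):
        self.threshold, self.window = threshold, window
        self.recent = defaultdict(deque)  # src -> times of recent failed logins
    def process(self, ev):
        if ev["kind"] == "log_cleared":
            return f"log tampering on {ev['host']}: {ev['file']}"
        if ev["kind"] == "failed_login":
            q = self.recent[ev["src"]]
            q.append(ev["ts"])
            while ev["ts"] - q[0] > self.window:  # drop failures outside the window
                q.popleft()
            if len(q) == self.threshold:  # alert once, when the threshold is reached
                return f"{len(q)} failed logins from {ev['src']} within {self.window}"

class InformationManager:
    """SIM side: retains every event so it can be analyzed long after the fact."""
    def __init__(self):
        self.store = []
    def retain(self, ev):
        self.store.append(ev)
    def failed_logins_by_source(self, since):
        return Counter(e["src"] for e in self.store
                       if e["kind"] == "failed_login" and e["ts"] >= since)

def run(logs=SAMPLE_LOGS):
    sem, sim, alerts = EventManager(), InformationManager(), []
    for ev in map(parse, logs.splitlines()):
        sim.retain(ev)                # every event goes to long-term storage
        if alert := sem.process(ev):  # only rule matches surface in real time
            alerts.append(alert)
    return alerts, sim
```

The single failed login at 09:30 raises no real-time alert, but it remains in the retained store and appears in the per-source counts.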