Security Incident and Event Management (SIEM)

The process of monitoring, identifying, analyzing, and recording security incidents and events in real time, giving a comprehensive snapshot of an organization’s security status. SIEM is implemented with some combination of software, systems, and appliances. A SIEM system generally includes six attributes: retention (storing data); dashboards (analyzing data); correlation (sorting data); alerting (activating protocols to alert users after data triggers certain responses); aggregation (gathering data from various sources and consolidating it before archival or analysis); and compliance (collecting data in accordance with organizational or government policies).