SIEM
Security
A Security Information and Event Management (SIEM) platform aggregates logs, correlates events, and generates alerts.
Definition
A SIEM ingests logs, normalizes data, correlates events, and produces alerts and dashboards. It supports investigations and compliance reporting when configured correctly.
Why this matters
Good logging and correlation reduce detection time and limit exposure of sensitive data.
Example
Send auth logs, firewall logs, and endpoint alerts into a SIEM with detection rules and incident workflows.