An Introduction to SIEM

SIEM (Security Information and Event Management) technology provides a platform for real-time monitoring of information security events from networks, servers, systems, applications and more. SIEM solutions can also be used to meet regulatory compliance reporting requirements. They support forensic analysis, both in real time and after an incident, by storing and retrieving events based on their timestamps.
 
SIEM Formation
SIEM is a combination of SIM (Security Information Management) and SEM (Security Event Management). SIEM centralizes event information and log management from various devices and locations. SIEM uses either rule-based or correlation engines to identify anomalies by combining multiple events and information.
A correlation engine is programmed software that uses predictive analytics and fuzzy logic to understand the inter-relatedness between events, and triggers alerts if it finds any anomalies.
EPS (Events per Second): EPS baselining is an important step in SIEM. EPS metrics play a major role in selecting the right SIEM solution for an infrastructure. EPS metrics also help to determine the log storage needed, both online and offline, as per regulatory retention requirements.
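The EPS baselining and storage sizing described above, as an added example that is not part of the original article: it derives average and peak EPS from timestamped log lines and estimates retention storage. The sample log lines, the 500-byte event size, the 90-day retention period and the 10:1 compression ratio are constructed assumptions.

```python
import math
from collections import Counter
from datetime import datetime

# Constructed sample log lines (not real data): ISO timestamp, then the raw event.
SAMPLE_LINES = (
    ["2024-01-01T10:00:00 fw01 deny tcp 192.0.2.10:4431 -> 198.51.100.7:22"] * 2
    + ["2024-01-01T10:00:01 srv01 sshd: failed password for admin"] * 5
    + ["2024-01-01T10:00:03 app01 login ok user=alice"]
)

def eps_baseline(lines):
    """Return event count, window length, average and peak EPS, and mean event size."""
    if not lines:
        raise ValueError("no events to baseline")
    per_second = Counter(
        datetime.fromisoformat(line.split(" ", 1)[0]).replace(microsecond=0)
        for line in lines
    )
    # Window is inclusive, so seconds with zero events still count toward the average.
    window_s = int((max(per_second) - min(per_second)).total_seconds()) + 1
    total = sum(per_second.values())
    return {
        "events": total,
        "window_s": window_s,
        "avg_eps": total / window_s,
        "peak_eps": max(per_second.values()),
        "avg_event_bytes": sum(len(l.encode()) for l in lines) / total,
    }

def retention_bytes(avg_eps, avg_event_bytes, retention_days, compression_ratio=1.0):
    """Storage needed to keep `retention_days` of events at a sustained average EPS."""
    if compression_ratio <= 0:
        raise ValueError("compression_ratio must be positive")
    return math.ceil(avg_eps * avg_event_bytes * 86_400 * retention_days / compression_ratio)

if __name__ == "__main__":
    b = eps_baseline(SAMPLE_LINES)
    print(b)
    # Assumption for this example: ingestion capacity is sized on peak EPS,
    # storage on average EPS; 500 B/event, 90 days, 10:1 offline compression.
    print("online :", retention_bytes(b["avg_eps"], 500, 90), "bytes")
    print("offline:", retention_bytes(b["avg_eps"], 500, 90, compression_ratio=10), "bytes")
```

A baseline taken over a few seconds is only for illustration; a real baseline should cover at least a full business cycle so that peak EPS reflects actual load.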
 
SEM (Security Event Management)
  • Provides real-time monitoring
  • Correlates events or combinations of multiple events
  • Improves security incident response
  • Enables effective response to internal and external threats
SIM (Security Information Management)
  • Reporting and analysis
  • Regulatory compliance (SOX, HIPAA, etc.)
SIEM Solutions in Regulatory Compliance
Maintaining regulatory compliance and standards is critical for organizations. Non-compliance with regulatory standards may result in legal action and penalties, and can have a major impact on brand name and reputation.
 
SIEM solutions can help to meet regulatory compliance requirements by analyzing infrastructure event logs and identifying non-compliance through report generation. SIEM solutions come with out-of-the-box compliance reporting templates for standards such as PCI DSS, SOX, HIPAA, GLBA, FISMA and ISO 27001.
 
Authored by Baskar Srinivasan