Abstract:
Security information and event management (SIEM) solutions were introduced around 2000 in the form of either a SIM solution or a SEM solution. A SIEM solution is required to handle the increased level of security information and the analysis and management of centralized logs. These solutions were initially developed because the IT departments of organizations were unable to deal with the large number of alerts that were being generated by intrusion detection systems (IDS) and intrusion prevention systems (IPS). A SIEM solution provides monitoring, detection and alerting of security events within an IT environment. Analytics deliver real-time alerts, dashboards and reports to several critical and management units. Security management is made easy because a SIEM allows organizations to filter massive data and prioritize the security alerts that software generates. It also allows them to detect data that may otherwise go unnoticed and undetected.