Welcome to the Aanval Wiki. Snort, Suricata and Syslog Intrusion Detection, Situational Awareness and Risk Management.

Visit http://www.aanval.com/ for more information.

Security Information and Event Management

From Aanval Wiki
(Redirected from SIEM)
Jump to: navigation, search

Security Information and Event Management (SIEM) solutions are a combination of the formerly disparate product categories of SIM (Security Information Management) and SEM (Security Event Management).

SIEM technology provides real-time analyses of security alerts generated by network hardware and applications. SIEM solutions come as software, appliances, or managed services, and are also used to log security data and generate reports for compliance purposes.

Other common names for a SIEM (which are often associated with an accompanying IDS like Snort or Suricata) are GUI, front-end, and web interface.

Aanval is an intrusion detection, correlation, and threat management console, in a class parallel to SIEM products.