What is a SIEM solution
I am updating my blog after quite a while and will try to talk about Cyber Security. In today’s blog we are going to talk about a term used commonly in Cyber Security, which is SIEM. SIEM stands for “Security Incident and Event Management”. It is a combination of security information management and security event management. A SIEM keeps track of the security posture of an organization by collecting the organization's security-related data in the form of logs and storing them for analysis against upcoming threats. It also monitors the organization's infrastructure (both on-premises and cloud-based).

There are different SIEM solutions offered; some of the common and popular ones are Rapid7, SentinelOne, Splunk, and ActZero. Most of these solutions can also integrate with next-generation EDR/XDR/MDR solutions like CrowdStrike. A SIEM is the center of an organization's security operations (SOC). Some of the salient features of a...