Security information and event management
subsection within the field of computer security, where software products and services combine security information management and security event management
Microsoft
microsoft.com › en-us › security › business › security-101 › what-is-siem
What Is SIEM? | Microsoft Security
Security information and event management (SIEM) is a security solution that collects data and analyzes activity to support threat protection for organizations.
IBM
ibm.com › think › topics › siem
What is SIEM? | IBM
November 17, 2025 - SIEM is security software that helps organizations recognize and address potential security threats and vulnerabilities before they disrupt business operations.
What SIEM does your company use?
Rapid7. Their SOC has been really great so far. Their portal / tools / log sources and reports are pretty tidy and easily used. I don't really have a lot of cons to list. We're pretty happy with them.
More on reddit.com 30
3
February 4, 2021Which free SIEM is least shitty?
Maybe look at OSSIM. I haven't used OSSIM, but I've used the commercial version (AlienVault) and it was pretty nice.
More on reddit.com 19
0
January 11, 2017Is Stealthwatch categorized as a SIEM product?
Stealthwatch is NOT a SIEM. It is a netflow analyzer that applies behavior and network traffic analytics to IP to IP communication. There are two solutions, Stealthwatch Enterprise (on-prem) and Stealthwatch Cloud (hybrid cloud/on-prem) Stealthwatch Enterprise and Stealthwatch Cloud both leverage Cognitive Threat Analytics (CTA) on the back end. These two platforms can send their data to various SIEM solutions via API or Syslog. But the SMC (on-prem) does the majority of its analytics internal More on reddit.com
5
3
December 5, 2019The Future of SIEM?
They aren't all moving away from traditional SIEM. Any business with proper oversight isn't switching for the sake of switching. SIEMs take a good while to fine tune and get running well and there's a cost/benefit and time cost involved in moving to other solutions. That being said, I see a lot of automation happening. More SOAR being integrated, and the like. More on reddit.com
106
77
September 12, 2023What is a Cloud SIEM? Or a Modern SIEM?
A cloud-delivered or based SIEM allows IT teams to monitor and manage threats across hybrid environments – both on-premises infrastructure and in the cloud. Cloud SIEMs are sometimes referred to as modern SIEMs to differentiate between traditional SIEMs that have commonly been delivered on-premises.Modern SIEMs also automate threat detection, and can also provide resources for customers to help with threat response, including security playbooks that walk IT teams through remediation (no security expertise required). A modern SIEM may compare a baseline standard of normal operating behavior to
blumira.com
blumira.com › glossary › what-is-siem
What is SIEM? | SIEM Meaning | What Does SIEM Do? | Blumira
What Is The History of SIEM?
SIEM solutions have been around for decades, with varying degrees of functionality based on which product or vendor you choose. Gartner analysts Mark Nicolett and Amrit Williams coined the term SIEM in 2005. First-generation SIEM focused mainly on traditional log collection. The next generation of SIEM platforms focused on security events based on triggers from tools such as antivirus, firewalls, and intrusion detection systems (IDS).
blumira.com
blumira.com › glossary › what-is-siem
What is SIEM? | SIEM Meaning | What Does SIEM Do? | Blumira
What Should You Log in a SIEM?
The scope of what to log in a SIEM can vary depending on your perspective – these are the two most common: Everything This stems from the point of view that what is required is not known until it is needed; thus storing everything, searching and filtering later is adopted. While this provides access to all the possible data that may be required, it also provides more of a challenge when it comes to storage, indexing, and, in some cases, transmitting the data. If a commercial solution is used, licensing may also depend on volume (greater volume equals greater costs). Only What You Need Technolo
blumira.com
blumira.com › glossary › what-is-siem
What is SIEM? | SIEM Meaning | What Does SIEM Do? | Blumira
Videos
02:33
What is SIEM (Security Information and Event Management)? - YouTube
10:27
What is SIEM Solution? | Security Information and Event Management ...
05:06
What is SIEM? - YouTube
13:59
What is a SIEM? (Security Information & Event Management) - YouTube
04:24
What is SIEM? Security Information & Event Management Explained ...
Splunk
splunk.com › en_us › blog › learn › siem-security-information-event-management.html
SIEM: Security Information & Event Management Explained | Splunk
SIEM can help — a lot. SIEM is cybersecurity technology that provides a single, streamlined view of your data, insight into security activities, and operational capabilities so you can stay ahead of cyber threats.
Exabeam
exabeam.com › home › explainers › what is siem? 7 pillars and 13 core features [2025 guide]
What Is SIEM? 7 Pillars and 14 Core Features [2025 Guide]
November 7, 2025 - SIEM stands for Security Information and Event Management. It's a cybersecurity solution that aggregates and analyzes security data from various sources within an IT environment to detect, analyze, and respond to security threats in real time.
Varonis
varonis.com › blog › what-is-siem
What is SIEM? A Beginner’s Guide
September 12, 2025 - Learn about Security Information and Event Management (SIEM), what it is, how it works, and how SIEM solutions can help your business.
Wikipedia
en.wikipedia.org › wiki › Security_information_and_event_management
Security information and event management - Wikipedia
October 23, 2025 - Security information and event management (SIEM) is a field within computer security that combines security information management (SIM) and security event management (SEM) to enable real-time analysis of security alerts generated by applications ...
Cisco
cisco.com › learn › topics
What Is SIEM? - Security Information and Event Management - Cisco
Security information and event management (SIEM) is software that aggregates data from various security tools to help identify potential threats.
Red Canary
redcanary.com › cybersecurity 101 › security operations › what is a siem?
What is a SIEM? | Red Canary
July 9, 2025 - Security information and event management (SIEM) is a software solution that helps you detect cybersecurity threats, manage security incidents by collecting and analyzing security events, and supports compliance and auditing requirements.
Blumira
blumira.com › glossary › what-is-siem
What is SIEM? | SIEM Meaning | What Does SIEM Do? | Blumira
SIEMs are used for real-time security event analysis to help with investigation, early threat detection and incident response. They also support compliance use cases, as many data regulatory frameworks require organizations to keep audit logs for up to one year. Not every SIEM is built the same, however.
Published May 20, 2020
The Knowledge Academy
theknowledgeacademy.com › blog › what-is-siem
What is SIEM? Security Information and Event Management Explained
Security Information and Event Management (SIEM) collects, analyses, and monitors security data in real-time to detect threats and support incident response. Its key functions include real-time monitoring, Log Management, threat detection, incident ...
Okta
okta.com › identity-101 › siem
What is SIEM? Security Information & Event Management 101 | Okta
September 2, 2024 - Gartner defines SIEM as a technology that can both detect and block security events, all while logging information for real-time or historical analysis. Here’s an example. Someone is copying thousands of files from your server.
Palo Alto Networks
paloaltonetworks.com › cyberpedia › what-is-siem
What is SIEM? - Palo Alto Networks
SIEM collects and analyzes security data from various sources such as firewalls, servers, cloud platforms, network devices, and third-party tools. It aggregates this information into a centralized platform to identify patterns and unusual activities in real time. Collected data is then standardized into a common format, making it easier to analyze.
Spiceworks
spiceworks.com › spiceworks inc › articles › what is security information and event management (siem)? definition, architecture, operational process, a ...
What Is Security Information and Event Management (SIEM)? Definition, Architecture, Operational Process, and Best Practices - Spiceworks
March 10, 2025 - Security information and event management (SIEM) is defined as a security solution that helps improve security awareness and identify security threats and risks. It collects information from various security devices, monitors and analyzes this ...
Gartner
gartner.com › gartner glossary › information technology glossary › s
Definition of Security Information And Event Management (SIEM) - Gartner Information Technology Glossary
Security information and event management (SIEM) technology supports threat detection, compliance and security incident management through the collection and analysis (both near real time and historical) of security events, as well as a wide variety of other event and contextual data sources.
Oneidentity
oneidentity.com › learn › what-is-security-information-and-event-management.aspx
What is Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) is a cybersecurity solution that can identify, analyze and mitigate security threats by collecting and correlating real-time and historical data from multiple sources within an infrastructure.
Stellar Cyber
stellarcyber.ai › home › learn › what is siem
What is SIEM? Components, Capabilities and Architecture
January 5, 2024 - SIEM is a comprehensive approach introduced by the Gartner Institute in 2005, aiming to harness the extensive data from devices and event logs within a network. Over time, SIEM software has evolved to incorporate user and entity behavior analytics (UEBA) and AI enhancements, aligning application activity with indicators of compromise.
Proofpoint
proofpoint.com › home › glossary › security information and event management (siem)?
What Is Security Information and Event Management (SIEM)? | Proofpoint US
July 21, 2025 - Now, SIEM is an integral component of modern cybersecurity strategies. As a security solution, SIEM effectively aggregates, stores, analyzes, and reports log data from multiple sources across an organization's entire IT infrastructure.
DesignRush
designrush.com › agency › cybersecurity › trends › what-is-siem-in-cyber-security
What Is SIEM in Cybersecurity? (2025) | DesignRush
May 1, 2025 - In the context of cybersecurity, security information and event management (SIEM) is a type of software that gathers and analyzes all data from a source so it can detect and address potential security threats.
Dynatrace
dynatrace.com › __home__ › knowledge-base › siem
What is SIEM?
March 12, 2025 - SIEM systems gather logs and other data from diverse sources across an organization's IT infrastructure, including the following: ... Network devices, such as firewalls and routers. Security appliances, such as intrusion detection/prevention systems · Endpoints, such as PCs and mobile devices. This collected data comprises logs, events, and occasionally packet captures. Once data is collected, SIEM systems normalize it by converting different log formats and time stamps into a consistent format.
Capterra
capterra.com › home › capterra glossary › it › security information and event management (siem)
Definition of Security Information and Event Management (SIEM) - IT Glossary | Capterra
SIEM typically refers to a software system that aids computer security. Instead of merely logging alerts, this technology generates in-depth reports and analysis to aid threat detection, compliance, incident management, and more. SIEM monitors all aspects of an organization’s IT structure, ...