Produces an operational view of information security status, enhancing log management and combining it with security event monitoring to enable centralized reporting.
SIEM systems automate the continuous reporting required by several standards. In addition, the systems are capable of raising alarms based on logged information, IDS detections and vulnerability lists.
The number of SIEM systems available is considerable and progress in the field is rapid. Selecting a suitable and reasonably priced product can in itself be a challenge. Merely purchasing a device is not a solution either; properly configuring the system and its various log sources, and refining log management processes, are both essential for achieving compliance with set requirements.