Security Information And Event Management
Security Information and Event Management (SIEM) is a platform that aggregates, correlates, and analyzes log and event data from across an organization's IT environment to detect security incidents and support compliance reporting.
13 resources across 1 library
Glossary Terms(13)
Splunk SIEM
Splunk SIEM (Splunk Enterprise Security) is a security information and event management solution built on the Splunk data platform, used to collect, correlate,…
IBM QRadar
IBM QRadar is a security information and event management (SIEM) platform that collects and correlates log and network flow data across an organization to dete…
Microsoft Sentinel
Microsoft Sentinel is a cloud-native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution buil…
Elastic Security
Elastic Security is a security solution built on the Elastic Stack (Elasticsearch, Kibana) that combines SIEM, endpoint security, and threat hunting capabiliti…
Endpoint Detection and Response (EDR)
Endpoint Detection and Response (EDR) is a category of security software that continuously monitors laptops, servers, and other endpoints for suspicious activi…
Extended Detection and Response (XDR)
Extended Detection and Response (XDR) is a security approach that unifies detection and response data across endpoints, networks, email, identity, and cloud wo…
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) is a platform that aggregates, correlates, and analyzes log and event data from across an organization's IT en…
Security Orchestration, Automation and Response (SOAR)
Security Orchestration, Automation and Response (SOAR) is a category of security platforms that automates repetitive incident-response tasks and orchestrates w…
Intrusion Detection System (IDS)
An Intrusion Detection System (IDS) is a security tool that monitors network or host activity for signs of malicious behavior or policy violations and generate…
Blue Team
A blue team is the group of security professionals responsible for defending an organization — detecting, responding to, and mitigating security threats, inclu…
Purple Team
Purple teaming is a collaborative security exercise in which offensive (red team) and defensive (blue team) practitioners work together in real time, sharing t…
Threat Intelligence
Threat intelligence is evidence-based knowledge about existing or emerging cyber threats — including attacker tactics, indicators of compromise, and motivation…
Threat Hunting
Threat hunting is the proactive, human-led practice of searching through an organization's systems and networks for signs of malicious activity that automated…