Security information and event management (SIEM) tools collect and aggregate log and event data to help identify and track breaches. They are powerful systems that give enterprise security professionals both insight into what’s happening in their IT environment right now and a track record of relevant events that have happened in the past.
SIEM software (pronounced ‘sim’; the ‘e’ is silent) collects and aggregates log and event data generated throughout the organization’s technology infrastructure, from host systems and applications to network and security devices such as firewalls and antivirus filters. A SIEM tool’s goal is to correlate signals in all that data together to provide security teams with the information they need to identify and track breaches and other problems.