
Security Information and Event Management

Security information management

Security information management is also referred to as Log Management and is different from SEM (security event management), but makes up a portion of a SIEM (security information and event management) solution.

Systems management – Functions

* Security Information and Event Management functions (SIEM)

Security information and event management

Security Information and Event Management (SIEM) is a term for software products and services combining security information management (SIM) and security event manager (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications.

Security information and event management

The need for voice-centric visibility or vSIEM (voice security information and event management) is a recent example of this evolution.

Security event manager

Often confused with security information managers (SIMs) and security information and event managers (SIEMs)

Information Security Operations Center – Technology

SOCs are typically based around a security information and event management (SIEM) system, which aggregates and correlates data from security feeds such as network discovery and vulnerability assessment systems; governance, risk and compliance (GRC) systems; web site assessment and monitoring systems; application and database scanners; penetration testing tools; intrusion detection systems (IDS); intrusion prevention systems (IPS); log management systems; network behavior analysis and denial of service monitoring; wireless intrusion prevention systems; firewalls; enterprise antivirus; and unified threat management (UTM).

McAfee – Mergers and acquisitions

On October 4, 2011, McAfee announced its intention to acquire privately owned NitroSecurity. NitroSecurity develops high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. The acquisition closed on November 30, 2011.

LogLogic – History

In 2009, LogLogic released database security and compliance management products and acquired Exaprotect, a security information and event management (SIEM) company.

ArcSight was a company founded in 2000 that provides big data security analytics and intelligence software for security information and event management (SIEM). It became a subsidiary of Hewlett-Packard in 2010.

Novell Identity Manager – Supported applications

The current release of Identity Manager also provides integration with NetIQ’s Security Information and Event Management (SIEM) product called NetIQ Sentinel.

RSA (security firm) – Products

RSA enVision is a security information and event management (SIEM) platform with a centralised log-management service that claims to enable organisations to simplify the compliance process as well as optimise security-incident management as they occur.

Security level management – Classification

SLM is related to the disciplines of Security and Security Event management (SIEM), which the analysts Gartner summarise in their Magic Quadrant for Security Information and Event Management, and define as follows:

Trustwave – Products and Technologies

Managed Security Services is a service offering from Trustwave that involves remotely managing its own and third-party products such as Network Access Control, SIEM, and United Threat Management for companies that wish to outsource their security needs.
