SIEM
Security Information and Event Management
SIEM platforms collect and correlate log data from across an organization's IT environment to detect threats in real time. They aggregate events from firewalls, endpoints, servers, and applications into a single pane of glass.
Cómo se usa en ciberseguridad
Cybersecurity analysts write correlation rules and monitor SIEM dashboards to spot suspicious activity. SOC teams use SIEM alerts to triage potential incidents and begin investigation workflows. Security engineers tune detection logic to reduce false positives and improve mean time to detect.
Término relacionado en el glosario: siem
Las definiciones son explicaciones originales escritas con fines de desarrollo profesional. Para definiciones técnicas autorizadas, consulta NIST, ISO o el organismo de normalización correspondiente.