Discover the definition of the term Siem (Security Information And Events Management) presented by Les Assises de la Cybersécurité.

SIEM (SECURITY INFORMATION AND EVENTS MANAGEMENT)

SIEM (Security Information and Events Management) is a tool designed to centralize the thousands (or even millions) of events resulting from the daily operation of the company's IT tools. Because whether it's workstations, servers, antiviruses, remote authentication systems, security tools... they can all be excessively talkative and write down, in their corner, everything they do. This information is a real goldmine for security, because it can help quickly detect an intrusion, for example. Unfortunately, if each piece of equipment is content to write down what it does in its corner, it's not very useful. The SOC, using suitable connectors, is able to retrieve all of this, clean it, classify it and allow it to be interrogated by security experts. This is the main tool of SOC analysts.

""They SIEM like children" sang Daniel Lavoie in 1984, who had clearly understood everything about cybersecurity before anyone else."