killchain-compendium/misc/threat_intelligence/siem.md

# Security Information and Event Management (SIEM)

* [Varonis](https://www.varonis.com/blog/what-is-siem/)

    * Threat detection
        * Investigation
        * Time to respond
        * Some other SIEM features:
    * Basic security monitoring
        * Advanced threat detection
        * Forensics & incident response
        * Log collection
        * Normalization
        * Notifications and alerts
        * Security incident detection
        * Threat response workflow
second commit 2021-08-23 01:13:54 +02:00			`# Security Information and Event Management (SIEM)`

			`* [Varonis](https://www.varonis.com/blog/what-is-siem/)`

			`* Threat detection`
			`* Investigation`
			`* Time to respond`
			`* Some other SIEM features:`
			`* Basic security monitoring`
			`* Advanced threat detection`
			`* Forensics & incident response`
			`* Log collection`
			`* Normalization`
			`* Notifications and alerts`
			`* Security incident detection`
			`* Threat response workflow`