What Is Security Information Management?

Security information management (SIM) is a method of collecting, monitoring, and analyzing security-related data in computer records. Security information management is sometimes referred to as security event management (SEM) or security information and event management (SIEM).

Safety Information Management

Right!

Security information management (SIM) is a method of collecting, monitoring, and analyzing security-related data in computer records. The Security Information Management System (SIMS) automatically performs security information management. Security information management is sometimes referred to as security event management (SEM) or security information and event management (SIEM).

Security information includes log data generated by many sources, including antivirus software, intrusion detection systems (IDS), intrusion prevention systems (IPS), file systems, firewalls, routers, servers, and switches.

The safety information management system can:

Monitor events in real time.
Displays a live view of the event.
Transform event data from various sources into a common format, usually Extensible Markup Language (XML).
Aggregated data.
Correlate data from multiple sources.
Cross-correlation to help administrators identify real threats and false positives.
Provides automatic reaction.
Send alerts and generate reports.

Commercial Security Information Management (SIM) products include ArcSight's ESM, nFX's SIM One, Network Intelligence's enVision, Prism Microsystems' EventTracker, Trigeo, Symantec's Security Information Manager, Cisco Security MARS, and Snare. Open source security information management products include OSSIM (a product of the Open Source Security Information Management Initiative) and Prelude IDS's Prelude. ^[1]

What Is Security Information Management?

Safety Information Management

IN OTHER LANGUAGES

RELATED ARTICLES

How can we help?