Term · 11. Information Security Properties
Security Information and Event Management (SIEM)
Definition
Security Information and Event Management (SIEM) is a class of software solutions that perform real-time collection, normalization, correlation, and analysis of security events from various sources (security tools, network devices, servers, applications). Core use cases: detection (IOC matching), threat hunting, and compliance reporting (GDPR, PCI DSS, HIPAA, SOC 2).
Related terms
- Audit
  Independent examination of identity controls, processes, and records to verify compliance with policy and regulatory req …
- Audit Trail
  Chronological record of identity events — authentication, authorization decisions, provisioning actions, configuration c …
- Database Activity Monitoring (DAM)
  Database Activity Monitoring (DAM) — solutions for real-time monitoring and auditing of database queries (SQL, DDL/DML, …
- Privileged Session Management (PSM)
  PAM capability that records, monitors, and analyzes sessions involving privileged credentials — SSH sessions to servers, …
- Access Control (AC)
  Mechanism that determines whether a principal is permitted to perform a specific action on a specific resource. Includes …
- Continuous Adaptive Risk and Trust Assessment (CARTA)
  Gartner framework introduced 2017 — a security posture that continuously evaluates risk and adjusts trust assertions thr …