The Indonesian Journal of Computer Science
Vol. 12 No. 2 (2023): The Indonesian Journal of Computer Science

Comparative Analysis of Open Source Security Information & Event Management Systems (SIEMs)

Bezas, Konstantinos
Filippidou, Foteini



Article Info

Publish Date
30 Apr 2023

Abstract

A Security Information and Event Management system (SIEM) is a tool used to collect, normalize, analyze and correlate data from various devices in order to identify potential cyber threats in near real time. SIEM provides a unified approach to security issues through two zones: Security Information Management (SIM) and Security Event Management (SEM). SIM deals with managing logs and reporting, while SEM deals with event management and real-time monitoring. SIEM tools collect event data from various devices in a central unit, normalize its format, analyze it, and generate reports and alerts. SIEM thus combines log management's ability to generate compliance reports with the ability to manage threats. However, the centralized approach may present significant disadvantages, such as slowing system performance and complicating the prioritization of queries.

Copyrights © 2023






Journal Info

Abbrev

ijcs

Subject

Computer Science & IT; Electrical & Electronics Engineering; Engineering

Description

The Indonesian Journal of Computer Science (IJCS) is a bimonthly peer-reviewed journal published by AI Society and STMIK Indonesia. IJCS editions will be published at the end of February, April, June, August, October and December. The scope of IJCS includes general computer science, information ...