NIVEL 3 - SIEM
SIEM - A key challenge in the field of computer security is that cyberattacks are continually evolving.The SIEM (Information Security Event Management) technology is evolving into an information security platform that incorporates several technologies including: Records management systems, security event management, security information management, and security event correlation. As these various security components become increasingly integrated and merged over the years, the SIEM platform emerged as the general industry term for managing information generated from the combined security controls and infrastructure.
In essence, the interoperability of SIEM with various security technologies increases the security of the collective system, and this interlocking of security approaches makes each individual security component highly effective.
In essence, SIEM is a management layer on top of an organization's existing security systems and controls that provides a comprehensive but comprehensive way to view and analyze all network activity from a single interface. A key benefit of SIEM is that security analysts can spend their time observing security threats in real time, rather than spending their days studying the inner workings of each security product in their systems.