SIEM (Security Information and Event Management)
A platform that collects, correlates, and analyses security logs from across an organisation's IT infrastructure to detect threats and support incident response.
SIEM systems aggregate logs from firewalls, servers, endpoints, applications, and cloud services into a single platform. They use correlation rules and machine learning to identify suspicious patterns — like a user logging in from Malaysia and Singapore simultaneously, or multiple failed login attempts followed by a success. For SMEs that cannot afford in-house SIEM, managed security services provide this capability as a subscription.
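The two patterns named above can be written as a small correlation rule over authentication events. This is an added example, not code from any SIEM product; the event layout, the 10-minute window and the threshold of three failures are assumptions, and the log entries are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, user, source country, outcome).
EVENTS = [
    ("2024-05-01T08:00:00", "dewi", "MY", "success"),
    ("2024-05-01T09:00:00", "aisha", "MY", "success"),
    ("2024-05-01T09:01:10", "ben", "SG", "failure"),
    ("2024-05-01T09:01:20", "ben", "SG", "failure"),
    ("2024-05-01T09:01:30", "ben", "SG", "failure"),
    ("2024-05-01T09:01:45", "ben", "SG", "success"),
    ("2024-05-01T09:02:00", "chen", "MY", "failure"),
    ("2024-05-01T09:02:30", "chen", "MY", "success"),
    ("2024-05-01T09:04:00", "aisha", "SG", "success"),
    ("2024-05-01T09:30:00", "dewi", "SG", "success"),
]

WINDOW = timedelta(minutes=10)  # assumed correlation window
FAIL_THRESHOLD = 3              # assumed failures needed before a success is flagged


def correlate(events, window=WINDOW, fail_threshold=FAIL_THRESHOLD):
    """Return (rule, user, timestamp) alerts for both patterns."""
    alerts = []
    fails = defaultdict(deque)  # user -> timestamps of recent failed logins
    last_ok = {}                # user -> (time, country) of last successful login
    for ts, user, country, outcome in sorted(events):
        t = datetime.fromisoformat(ts)
        recent = fails[user]
        while recent and t - recent[0] > window:
            recent.popleft()    # drop failures that fell out of the window
        if outcome == "failure":
            recent.append(t)
            continue
        # Rule 1: several failed attempts followed by a success.
        if len(recent) >= fail_threshold:
            alerts.append(("failures_then_success", user, ts))
        recent.clear()
        # Rule 2: successful logins from two countries within the window.
        prev = last_ok.get(user)
        if prev and prev[1] != country and t - prev[0] <= window:
            alerts.append(("multi_country_login", user, ts))
        last_ok[user] = (t, country)
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

The users "chen" (one mistyped password) and "dewi" (two countries, 90 minutes apart) produce no alert, which shows how the window and threshold control false positives.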