What is a SIEM Use Case?

In response to rising trends and new forms of attack, a growing number of organizations opt for SIEM solutions so that they can manage threats proactively and acquire a detailed, centralized view of their organization's overall security measures. Since SIEM is the foundation of a security infrastructure, there is a wide variety of SIEM use cases.



Due to the revolution of the internet, cyber-attacks on unsecured networks are increasing tremendously and organizations are on the verge of data breaches. Securing proprietary information, Personally Identifiable Information (PII), or any other sensitive data has become a daunting task. Preventing business disruption, information theft, and reputational loss is necessary to thrive and survive in a competitive industry.


What are Next SIEM Technologies?

An industry that is worth more than $2 billion, SIEM keeps growing and evolving. The first instances of SIEMs appeared as descendants of numerous security technologies: LSM, SIM, SLM/SEM, SEC and such. The earliest versions were so limited that they were barely able to scale across large companies and were rather slow. They also needed huge teams to manage them, thus raising costs ever higher. However, SIEMs have changed greatly since.


AT&T Cybersecurity Maintains Very Strong Ranking After Acquisition of AlienVault

The results are in, and once again AT&T’s Cybersecurity is recognized as an industry leader by securing its third consecutive ranking of “very strong” in Global Data’s annual product report. AT&T is the only company to achieve this hat-trick rating in all of Global Data’s seven categories of assessment. AT&T’s bold acquisition of AlienVault has reaffirmed its position as the cybersecurity leader with both competitive and qualitative edges.


Dear Buttercup, To SIEM or not to SIEM; that is the Question

Dear Buttercup, I have so many questions about CIM, SIM, SIEMs. Is Splunk a SIEM? Do I need one? I have Splunk Core and Splunk Security Essentials… is that enough? What does a SIEM give me that Splunk Core doesn’t? Your Devoted User, Bugged Bret from Binghamton, NY Dear Bugged Bret, Oh dear. I can see you have worked yourself into quite the bother.


Five reasons to choose Log360, part 2: Multi-environment support

In the previous post of this series, we looked at how easy it is to get Log360 up and running due to its various deployment features and easy-to-use UI. Today, we’ll dive into the solution’s wide range of support for event sources across multiple environments. Servers and workstations. With Log360, you can easily go deep into the events occurring on all Windows, Unix/Linux, and IBM servers and workstations in your network.


What is Real-Time Threat Intelligence?

Would you sit back in your chair and do nothing while your systems are under attack? You may be, without even realizing it. Businesses are increasingly finding themselves under cyberattacks carried out by hackers or criminals. However, many of them fail to recognize that they have been attacked until it is too late to do anything. That is why timing is the most essential component of cyber security. Fighting attacks proactively instead of reactively can save your systems and networks.


What is Log Correlation?

Log data collection and management in IT have proved their importance in the past. Log collection and log correlation have become essential for security, internal control or compliance purposes. The average IT environment, though, consists of numerous components like software and hardware, and the logs can easily grow into hundreds of thousands in the blink of an eye. Logs contain essential pieces of network and device intelligence: What are users up to? What data is being viewed? By whom?


3 key takeaways on Cloud SIEM from Gartner Security & Risk Management Conference 2019

Gartner has been a thought leader in the SIEM space for the last few years. Gartner’s Magic Quadrant is considered one of the top market research reports on SIEM’s capabilities and vendors. Very recently, I attended the 2019 Gartner Security & Risk Management Conference, and based on thousands of conversations Gartner has had with their clients, they have a good vantage point on the SIEM space this year.


Five reasons to choose Log360, part 1: User-friendly deployment and UI

SIEM solutions are a must-have in any organization’s security toolkit. They allow you to analyze events from your network, gain actionable insights into network activity, and detect and mitigate data breaches and other security incidents, all while remaining compliant with regulatory mandates. Log360 is ManageEngine’s comprehensive SIEM offering that helps organizations meet a wide range of auditing, security, and compliance needs.