Use cases for SIEM
• Event Management
• Log Management
• Compliance
• Reporting
• Correlation
• Intelligent Security Search
• Threat Detection
• Real-Time Analytics
• User Activity Monitoring
Correlation Capabilities
• Event categorization
• Threat and anomaly detection
• Correlates all data
• Statistical correlation
• Rule based correlation
• Risk based correlation
• User behavior & profiling
Architecture
• One unified, fully integrated product
• Log Management
• Event Management / Correlation
• NBA
• Intelligent Security Search
Database Technology
• Purpose-built non-relational database
• No DBA required
• Purpose-built
• Highly scalable
Data Type / Sources
• Log & Event data
• Network flow analysis
• NBA