Friday, February 15, 2008

One More Time on Log Management and SIEM

I did blog a lot to explain the connections and differences between SIEM and log management a few times (e.g. here, here, here, here), but here is a perfect high-level description from the interview with our new CEO: "One of the promising applications for log management is Security Information and Event Management (SIEM). [...] According to recent studies from ESG and the SANS Institute, security, risk and compliance issues comprise only 30% of all log management use cases."

Get it? SIEM is about "S" - security, while log management is about "L" - i.e. logs; logs for all uses inside and outside of security.

No comments:

Dr Anton Chuvakin