{"id":57,"date":"2016-04-04T15:49:35","date_gmt":"2016-04-04T19:49:35","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=57"},"modified":"2018-02-23T11:33:35","modified_gmt":"2018-02-23T15:33:35","slug":"alphabet-soup-deciphering-siem-23-pieces-security-jargon","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/","title":{"rendered":"Alphabet Soup: Deciphering SIEM and 23 More Pieces of Security Jargon"},"content":{"rendered":"

\"alphabetsoupSIEM\"In the past decade, Security Information and Event Management (SIEM) has emerged as one of the most essential tools in IT security. In 2016, SIEM is a mature market, and a mainstay in enterprise security, but that doesn\u2019t mean that dealing with SIEM and security analytics solutions has gotten any easier over the past decade.<\/p>\n

SIEM has a reputation as a complex and convoluted product, and those complications often start with the most basic roadblock: jargon.<\/p>\n

There is a seemingly endless torrent of terminology surrounding information security, and the acronyms just keep piling up\u2014first there was SIM and SEM, now we have SIEM. CmDb, DLP, DPI\u2014it can all get a little dizzying. Worst of all, you can hardly find an explanation that doesn\u2019t reference another half dozen ciphered terms.<\/p>\n

SIEM may be keeping security from drowning in event data but it’s burying them in acronyms.<\/p>\n

Here at Solutions Review, we do our best to provide IT professionals with the top information security best practices, news and buyer\u2019s guides, so to help you out we\u2019ve defined a few of the top SIEM terms and acronyms, including SIEM itself.<\/p>\n

We hope you find the following 24 definitions useful.<\/p>\n

PS. Keep your eyes peeled for our forthcoming full SIEM glossary, with over 50 terms defined and organized in an easy-to-navigate format.<\/p>\n

\n

Those of you looking for a more in-depth breakdown of the SIEM market may also be interested in the following resources:<\/p>\n

Compare the capabilities of the top SIEM vendors with Gartner\u2019s 2015-2016 SIEM Critical Capabilities Report. Get your copy here.<\/a><\/em><\/p>\n

Looking for a straight forward, side-by-side look at what each SIEM solution provides? Check out the new\u00a02016 Solutions Review SIEM Buyer\u2019s Guide<\/a> to get a little more background information on today\u2019s top 24 SIEM provide<\/em>rs.<\/p>\n

\n

An advanced persistent threat (APT)<\/strong> is a type of network attack in which an unauthorized entity gains access to a network and stays there,undetected, for an extended amount of time. Usually, the perpetrator of an APT wants to escalate their own privileges in order to steal data, rather than damaging the network, which would likely blow their cover..<\/p>\n

Big Data <\/strong>is\u00a0<\/strong>a\u00a0broad term used to describe unconventional data sets which are either too large or too complex to be dealt with using traditional data-processing techniques.<\/p>\n

Compliance \u2013\u00a0<\/strong>In IT and data storage terminology, compliance refers to organizational compliance with government regulations regarding data storage and management and other IT processes.<\/p>\n

A Configuration Management Database (CmDb)<\/strong> is a database containing all necessary information about an organization’s IT systems, the components of those systems, and their relationships. In the context of a CmDb, all components of an IT system (software, hardware, personnel, etc.) are referred to as configuration items (CI), and are tracked by a configuration management process.<\/p>\n

Data Migration <\/b>is the process of moving data between two or more storage systems, data formats, warehouses or servers.<\/p>\n

A Database<\/strong>\u00a0<\/b>is an organized collection of data.<\/p>\n

Data Loss Prevention (DLP)<\/strong> products are tools that help network administrators prevent data loss (duh) by controlling which data end users may transfer.<\/p>\n

Deep Packet Inspection (DPI)<\/strong> is a network packet filtering process that examines data contained in a packet for non-compliance, viruses, malware, or other unwanted components.<\/p>\n

Encryption <\/strong>is the process of transforming data into an unintelligible form so the original data either cannot be obtained or can be obtained only by using a decryption process.<\/p>\n

Flow –\u00a0<\/strong>A single transmission of data passing over a link during a conversation.<\/p>\n

A flow log <\/strong>Is a\u00a0collection of flow records.<\/p>\n

Flow sources<\/strong>\u00a0 are the origins from which flow is captured. A flow source is classified as internal when flow comes from hardware installed on a managed host or it is classified as external when the flow is sent to a flow collector.<\/p>\n

A gateway<\/strong> is a\u00a0device or program used to connect networks or systems with different network architectures.<\/p>\n

Incident response<\/b> is an organizational approach to addressing and managing the aftermath of a \u00a0breach or attack (AKA an incident). An Incident\u00a0Response Plan<\/strong>\u00a0aims to limit damages incurred by an incident and bring down recovery time and costs.<\/p>\n

Infrastructure –\u00a0<\/b>Information technology (IT) infrastructure is a combined set of hardware and virtual resources that support an overall IT environment.<\/p>\n

Log files<\/strong> are files that record either events that occur in an operating system or software, or messages occurring on communication software. For example, when a failed login to an E-mail system occurs, a log file is created to record that even.<\/p>\n

Logging<\/strong> is the act of keeping a log for an extended period of time.<\/p>\n

Log aggregation <\/strong>is\u00a0<\/strong>the practice of collecting log data in a centralized location where it can be analyzed more effectively.<\/p>\n

Log management <\/strong>is the workflow, devices, procedures, policies and other systems in place governing the collection, aggregation, and analysis of network log data.<\/p>\n

A\u00a0Log Source <\/strong>is\u00a0either the security equipment or the network equipment from which an event log originates.<\/p>\n

Security Information and Event Management, or SIEM<\/strong> (pronounced \u2018sim\u2019 as in SIMcard, or SimCity) is a term for software and services that combine security information management (SIM) tools, which are geared towards log collection and report generation, with security event management (SEM) tools, which focus on real-time event analytics, correlation, and alerting.\u00a0SIEM solutions<\/strong> are complex systems that help organizations decrease the impact of advanced cyber attacks by proactively monitoring the network for irregular activity in real-time.<\/p>\n

Security Event Management (SEM)<\/strong> solutions are software tools that centralize storage and interpretation of logs and events generated on a network. SEM is the real-time event monitoring, correlation, and notifications that most compliance regulations want you to have.<\/p>\n

Security Information Management (SIM)<\/strong> solutions are tools that automate the collection, monitoring, and analysis of security-related data from computer logs.<\/p>\n

User Behavior Analytics<\/b> (UBA)<\/strong>\u00a0is defined by Gartner, as a cyber security process aimed at the detection of insider threats, targeted attacks, and financial fraud via the analysis of patterns of human behavior. UBA solutions analysis large volumes of data about users on a network and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns, which could alert administrators to an imminent threat.<\/p>\n
Widget not in any sidebars
\n
Widget not in any sidebars
\n","protected":false},"excerpt":{"rendered":"

In the past decade, Security Information and Event Management (SIEM) has emerged as one of the most essential tools in IT security. In 2016, SIEM is a mature market, and a mainstay in enterprise security, but that doesn\u2019t mean that dealing with SIEM and security analytics solutions has gotten any easier over the past decade. […]<\/p>\n","protected":false},"author":24,"featured_media":98,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[77,183,184,40,42,78,22,79],"acf":[],"yoast_head":"\nAlphabet Soup: Deciphering SIEM and 23 Other Pieces of Security Jargon<\/title>\n<meta name=\"description\" content=\"SIEM may be rescuing security pros from mountains of event data, but its burying them in jargon.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Alphabet Soup: Deciphering SIEM and 23 Other Pieces of Security Jargon\" \/>\n<meta property=\"og:description\" content=\"SIEM may be rescuing security pros from mountains of event data, but its burying them in jargon.\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2016-04-04T19:49:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-02-23T15:33:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"300\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jeff Edwards\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeff Edwards\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/\",\"name\":\"Alphabet Soup: Deciphering SIEM and 23 Other Pieces of Security Jargon\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg\",\"datePublished\":\"2016-04-04T19:49:35+00:00\",\"dateModified\":\"2018-02-23T15:33:35+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\"},\"description\":\"SIEM may be rescuing security pros from mountains of event data, but its burying them in jargon.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg\",\"width\":600,\"height\":300},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Alphabet Soup: Deciphering SIEM and 23 More Pieces of Security Jargon\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\",\"name\":\"Jeff Edwards\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"caption\":\"Jeff Edwards\"},\"description\":\"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.\",\"sameAs\":[\"https:\/\/solutionsreview.com\",\"https:\/\/x.com\/InfoSec_Review\"],\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jedwards\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Alphabet Soup: Deciphering SIEM and 23 Other Pieces of Security Jargon","description":"SIEM may be rescuing security pros from mountains of event data, but its burying them in jargon.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/","og_locale":"en_US","og_type":"article","og_title":"Alphabet Soup: Deciphering SIEM and 23 Other Pieces of Security Jargon","og_description":"SIEM may be rescuing security pros from mountains of event data, but its burying them in jargon.\u00a0","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2016-04-04T19:49:35+00:00","article_modified_time":"2018-02-23T15:33:35+00:00","og_image":[{"width":600,"height":300,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg","type":"image\/jpeg"}],"author":"Jeff Edwards","twitter_misc":{"Written by":"Jeff Edwards","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/","name":"Alphabet Soup: Deciphering SIEM and 23 Other Pieces of Security Jargon","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg","datePublished":"2016-04-04T19:49:35+00:00","dateModified":"2018-02-23T15:33:35+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6"},"description":"SIEM may be rescuing security pros from mountains of event data, but its burying them in jargon.\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2015\/09\/alphabetsoupSIEM.jpg","width":600,"height":300},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alphabet-soup-deciphering-siem-23-pieces-security-jargon\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Alphabet Soup: Deciphering SIEM and 23 More Pieces of Security Jargon"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6","name":"Jeff Edwards","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","caption":"Jeff Edwards"},"description":"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.","sameAs":["https:\/\/solutionsreview.com","https:\/\/x.com\/InfoSec_Review"],"url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jedwards\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/57"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=57"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/57\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/98"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=57"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=57"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=57"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}