Question

What is 'SIEM' (Security Information and Event Management)?

Q: Answer-What is 'SIEM' (Security Information and Event Management)?

SIEM e.g., Splunk, IBM QRadar, Microsoft Sentinel collects logs from firewalls, servers, databases, applications, and endpoints, normalizes them, applies correlation rules and machine learning to detect attack patterns and raises alerts for the SOC Security Operations Centre team. Banks use SIEM for fraud detection unusual login patterns, APT detection, insider threat monitoring, and generating audit trails for RBI compliance. RBI mandates a 247 SOC with SIEM capabilities for scheduled commercial banks.

A A software development methodology for secure coding practices

B An encryption standard for securing inter-bank communication so that no intruder can access vital information

C A network segmentation tool used to isolate critical banking systems

D A platform that aggregates and correlates security logs/events from across the IT infrastructure in real time to detect threats, generate alerts, and support compliance reporting

E A regulatory framework for information security governance

Practice Next