1. Security Information and Event Management (SIEM):
   1. An approach to security management that combines SIM (Security Information Management) and SEM (Security Event Management) functions into a single product.
   2. Note: The acronym SIEM is pronounced "sim" with a silent e.
2. Capabilities of a SIEM solution include:
   1. Data Aggregation:
      1. Combining data from network devices, servers and applications
   2. Correlation Engines:
      1. Automatically look for common attributes of events across the various monitored platforms
   3. Compliance with government regulatory auditing processes
   4. Forensic Analysis
   5. Automatic De-Duplication:
      1. The elimination of redundant data
   6. Configuration Compliance Manager:
      1. Scanning for configuration compliance
   7. Write-Once, Read Many (WORM):
      1. Log information, once written, cannot be changed.