CyberSecurityTips #23: What should we look for in a SIEM product?

While this is not an exhaustive list, SIEMs or Security Information Event Management solutions should be first user-friendly, overloading users with information will only make them lose the important stuff.
Secondly, they need to be configurable and robust for you to be able to create your detection or use external threat feeds that can supplement and make your decisions easier and faster.

Lastly, the SIEM should be integratable into your current infrastrucutre - making sure that you can automate and onboard, as well as interface with your security devices will help you run your #security with the limited resources you already do.