Essential Capabilities required for Threat Management using an SIEM
A Security Incident and Event Management (SIEM) system is a very capable toolkit; it is used by various industries to achieve a varied set of goals. One of the primary use cases for the
SIEM is Threat Management. In order to deliver quality threat management an SIEM and its environment must be tuned and perfected. This document enlists the essential capabilities
required to deliver quality threat management using an SIEM.