SIEM forwarding plans

SIEM (Security Information and Event Management) platforms are cybersecurity solutions that provide centralized log management, offer real-time threat detection, facilitate incident investigations, and help organizations meet compliance requirements. They work by consolidating and analyzing security data, such as logs from firewalls, intrusion detection systems, servers, and applications. This is done in real-time, to generate prioritized alerts for any suspicious activities and potential threats. Security teams then use the consolidated data and alerts to investigate flagged cybersecurity incidents, understand their scope, and take timely action to contain and mitigate threats.

SIEM platforms provide a comprehensive view of an organization's security posture, enabling early detection of advanced threats and anomalies. They help organizations meet regulatory and industry-specific security compliance standards, by providing centralized data and reporting. They offer a centralized console for managing security events, providing better visibility into the security operations center (SOC).

With Acronis SIEM forwarding plans, you nominate a protected device for each participating customer. The Acronis agent on that device acts as the SIEM data writer. It writes alert, event, task, activity, and audit log information to a folder on the device. This data can then be forwarded to the SIEM platform for processing.