
Protecting the cloud, one event at a time
Security Information and Event Management (SIEM) solutions often predate CWWP ones – these products were logical extensions of standard network reporting. SEIM solutions focus on the analysis event data in real time for early detection of targeted attacks and data breaches. They also collect, aggregate, and report on this data, primarily for incident response, forensics, and regulatory compliance requirements.While SIEM solutions started out as simple log data analysis solutions, today’s SIEM solutions can also process other forms of security data, including network telemetry. They can combine this information with contextual information across a range of other aspects, including users, assets, threats, and known vulnerabilities. So while SIEM may have approached workload protection from the outside-in (i.e., originally focusing on attacks), they are a credible option for cloud workload security today.
Today, most SIEM systems work as follows: they deploy collection agents (multiple ones, in a hierarchy) to pull-in any security-related events from devices, services, networks, and security solutions like firewalls and intrusion prevention systems. All this data is aggregated into a central management console – while some processing can be automated through AI, in most cases security analysts need to review the data and prioritize incidents.
In other words, SIEM works from the event backwards – and in doing so they will protect cloud workloads by default. SIEM solutions are also evolving: as most of the SIEM vendors came from data collection, it’s a natural extension to move into security and operations response (SOAR). However, few of them focus on compliance or posture management – these are hard-core attack management and prevention systems. From an IT compliance standpoint, they don’t address those issues at all.
Our next blog will look at the most recent category – Cloud Security Posture Management.

Rapport 2025 sur les ransomwares
Principales conclusions concernant l’expérience et l’impact des ransomwares sur les organisations du monde entier
S’abonner au blog de Barracuda.
Inscrivez-vous pour recevoir des informations sur les menaces, des commentaires sur le secteur et bien plus encore.

Sécurité des vulnérabilités gérée : correction plus rapide, risques réduits, conformité simplifiée
Découvrez à quel point il peut être facile de trouver les vulnérabilités que les cybercriminels cherchent à exploiter