SPOM

Security Information and Event Management (SIEM) is a set of tools that has been around for some time, and the tools have been widely used. SIEM tools basically gather information from a system on security related matters and report on them. A significant criticism of SIEM has been that it reports on security events after the fact - when the horse is out of the barn.

A new set of security management tools, referred to as Security Posture Management (SPOM) attempts to address the shortcomings of SIEM by actually enabling a manager to input information such as acceptable risk levels and then configure the system to meet these levels. Subsequent monitoring provides analyses of the effects of configuration changes and various events on risk.

SPOM is a significant advance in security management and initiates a line of tools that hopefully will result in better security planning and management. For an article on these tools, please click this link.