Pricing Login
Platform
Platform overview

SaaS analytics platform for reliable and secure cloud-native applications

More information about platform overview
Multi-cloud

Accelerate cloud migration and optimize infrastructure reliability on any cloud

More information about multi-cloud
Security
Observability
Solutions
Powerful integrations
Kubernetes GitHub AWS Blue Apache MongoDB PagerDuty AWS Lambda Google Kubernetes Engine Microsoft Azure
Comprehensive compliance
  • SOC 2 Type II
  • PCI-DSS
  • FedRAMP®
Customers
Customer stories

Trusted by thousands of customers globally.

More about customer stories
Featured Customer Stories

Pokémon delivers safe gaming to hundreds of millions of users.

Read Pokemon's case study

Data tiering saves Infor $1 million in one year

Read Infor's case study

Monitor and secure 10,000 clouds

Read Hashicorp's case study
Customers by industry:
Browse all
Pricing
Docs
Resources
Resource center

Browse our library of ebooks, briefs, reports, case studies, webinars & more.

More resources
Featured
Helpful Resources
2022 Gartner® Magic Quadrant™ for APM and Observability

Download report

More
More
2022 Gartner® Magic Quadrant™ for SIEM

Download report

More
More
2022 SOAR market guide

Read article

More
More
What is reliability management?

Watch video

More
More
New & Notable
Comply with the CERT-In Directions 2022

Read article

More
More
The ultimate race condition: Securing open source infrastructure

Read article

More
More
Scale automation for secure and reliable applications

Download paper

More
More
Log management: the key to reliable and secure applications

Read the guide

More
More
Training
Blogs
Featured
Eight best practices for a successful cloud migration

Strategy best practices

More
More
DevSecOps and log analysis

Improving application security

More
More
SIEM vs SOAR

Modern SOC tools

More
More
Too many tools?

IT tool consolidation best practices

More
More
View all blogs
Browse by Topic
2022 Gartner® Magic Quadrant™ SIEM

Get the report

More
Webinars
Featured
Sumo Logic quick start webinar

Get started with Sumo Logic

More
More
2022 Global SRE Pulse survey

What’s the state of SRE?

More
More
DOIF: Legacy to cloud-native architectures

What is truly cloud-native?

More
More
The role of automation in SOC response plan

The future of cybersecurity

More
More
View all webinars
Browse by Topic
2022 Gartner® Magic Quadrant™ SIEM

Get the report

More
Guides & reports
Featured
The state of SRE 2022

Download infographic

More
More
Why reliability management matters

Download paper

More
More
A buyer’s guide to observability

Download guide

More
More
Log management: the key to reliable and secure applications

Read the guide

More
More
SOAR: the everything guide to SOAR, tools and solutions

Read the guide

More
More
View all guides & reports
Browse by Topic
2022 Gartner® Magic Quadrant™ SIEM

Get the report

More
Demos & videos
Featured
Unified cloud-native platform vs Splunk

How many tools do you use?

More
More
Demo: AWS observability

Accelerating troubleshooting

More
More
What is reliability management?

SLO, SLI, SLA: Beyond alphabet soup

More
More
Demo: 3 am troubleshooting for an on-call engineer

Step-by-step process

More
More
View all demos & videos
Browse by Topic
2022 Gartner® Magic Quadrant™ SIEM

Get the report

More
Company
Support Contact us Start free trial
Contact us Support Start free trial

DevOps and Security Glossary Terms

Glossary Terms
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

NIST SIEM requirements and standards - definition & overview

In this article
What are NIST SIEM requirements and standards?
What is the National Institute of Standards and Technology?
What is SIEM?
Issues with log management and SIEM
NIST guidance on log data
How Sumo Logic can meet all your SIEM regulatory needs
What are NIST SIEM requirements and standards?
What is the National Institute of Standards and Technology?
What is SIEM?
Issues with log management and SIEM
NIST guidance on log data
How Sumo Logic can meet all your SIEM regulatory needs

What are NIST SIEM requirements and standards?

The National Institute of Standards and Technology (NIST) produces guidance on security information and event management (SIEM). These are standards for dealing with data and systems breaches for which log data can be leveraged to gather more information.

Key takeaways

  • Founded in 1901, the National Institute of Standards and Technology produces compliance guidance and standards on a number of products and fields.
  • NIST provides support and measurements to small businesses as well as enterprise-level organizations.
  • With a certification from the Secretary of Commerce, NIST publishes its guidance on log data in order to assist and support technology-related organizations in the US.
  • Sumo Logic guarantees that your log management systems are congruent with all current and ongoing guidelines and standards.

What is the National Institute of Standards and Technology?

Founded in 1901, the National Institute of Standards and Technology produces compliance guidance and standards on a number of products and fields.

For cyber security organizations that have to collect/store security-related data and provide real-time analysis of security breaches, much of how they conduct their security procedures will have to be in line with the Federal Information Security Management Act (FISMA). NIST develops standards and guidance that directly correspond to the requisites outlined in FISMA.

NIST works directly with the US government’s Secretary of Commerce in order to certify approval for their Federal Information Processing Standards (FIPS). These standards can then be allocated to the public to ensure that organizations are in line with FISMA standards.

NIST provides support and measurements to small businesses as well as enterprise-level organizations.

What is SIEM?

SIEM merges two cyber security methods, SEM and SIM, into one unified solution.

SIEM software is a unified management and integration layer that sits on top of your security and detection infrastructure. As organizations scale and grow, they deploy more hardware, applications, and endpoints which, in turn, increase computer logs. For each security tool, application, or service in your system, your SIEM will collect and integrate all the computer-generated log data captured by each tool and display them in real-time through easy-to-read formats.

As well as providing real-time analysis on security threats throughout your infrastructure, businesses now use SIEM platforms to help make log data, which can be difficult to parse through, easier to digest. This makes it easier for security teams to search for, analyze, and dismantle cyber security threats.

Issues with log management and SIEM

Below are a few common log management issues that organizations face and that SIEM solutions will help in solving:

  • Effectively balancing a limited quantity of log management resources with a continuous supply of log data

  • Log generation and storage processes can become complicated when there are too many log sources, inconsistent log content and formats, and increasingly large volumes of log data

  • Because log management involves protecting confidentiality, integrity, and availability of logs, organizations have to constantly ensure that their security systems and networks are congruent with log management guidelines and standards.

  • It becomes increasingly difficult for organizations to parse through logs that have been created weeks or months in the past, which will get in the way of a company’s ability to perform forensic analysis.

Cutting-edge SIEM solutions, like Sumo Logic, allow organizations to overcome all these challenges with confidence and ease.

NIST guidance on log data

With a certification from the Secretary of Commerce, NIST publishes their guidance on log data in order to assist and support technology-related organizations in the US.

Below are some of the key takeaways from the NIST Guide to Computer Security Log Management.

  • Organizations should establish policies and procedures for log management.

  • Organizations should prioritize log management appropriately throughout the organization.

  • Organizations should create and maintain a log management infrastructure.

  • Organizations should provide proper support for all staff with log management responsibilities.

  • Organizations should establish standard log management operational processes:

    • Monitoring the logging status of all log sources

    • Monitoring log rotation and archival processes

    • Checking for upgrades and patches to logging software, and acquiring, testing, and deploying them

    • Ensuring that each logging host’s clock is synched to a common time source

    • Reconfiguring logging as needed based on policy changes, technology changes, and other factors

    • Documenting and reporting anomalies in log settings, configurations, and processes

How Sumo Logic can meet all your SIEM regulatory needs

Whether you’re an enterprise-level organization or a medium-sized cyber security team, you’re going to have to ensure your SIEM tools and solutions meet NIST requirements and standards.

With Sumo Logic, you’re working with a cutting-edge SIEM solution that will guarantee your log management systems are congruent with all current and ongoing guidelines and standards.

Sumo Logic’s smart software can streamline the compliance process for your organization, so you don’t have to get bogged down by the tedious task of manually ensuring your data-management processes are in compliance with standards and measures.

Try Sumo Logic today.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Start free trial