From gbhackers.com
![SIEM Better Visibility for SOC Analyst to Handle an Incident with Event ID](https://i0.wp.com/1.bp.blogspot.com/-7o4M3mVpOeE/XSyUIUYzMjI/AAAAAAAAC8c/dy9vdyfbGkQBwWWQhFKw5TIJcGMSneGTQCLcBGAs/s1600/event-compressor%2B%25281%2529.jpg?w=696&ssl=1)
We are in the complex world where attacks are increasing day by day, so today the cyber intelligence depends on SIEM as a part of infosec (security incident and event management).
Most companies depend on logs and packets to have a better view.. above 90 % of them are working with logs rather than packets. People, process, and technology will be a triangle for security operations.