Security Information and Event Management

Technology platform that aggregates and analyzes security data from across the enterprise to detect threats and support incident response.

Full definition
Security Information and Event Management (SIEM) systems collect log data from networks, servers, applications, and security devices to provide real-time analysis and historical investigation capabilities. The platform correlates events from disparate sources to identify patterns indicating security incidents, compliance violations, or policy breaches. For example, a SIEM might correlate failed login attempts, geographic anomalies, and privilege escalation to detect a credential compromise. Modern SIEM solutions incorporate machine learning for behavioral analytics and automated threat detection. Organizations use SIEM for compliance reporting, forensic investigation, and as the foundation of security operations centers.
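
The credential-compromise correlation mentioned above, written out as an added example (it is not code from this glossary or from any SIEM product). The event fields, source names, 30-minute window, failed-login threshold and per-user country baseline are all assumptions, and the events are constructed sample data.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)   # assumed correlation window
FAILED_THRESHOLD = 3             # assumed failed-login threshold

# Constructed baseline: countries each user normally logs in from.
USUAL_COUNTRIES = {"alice": {"US"}, "bob": {"DE"}}

# Constructed, already-normalized events: (time, source, user, action, country).
EVENTS = [
    ("2024-05-01T09:00:05", "vpn", "alice", "login_failed", "BR"),
    ("2024-05-01T09:00:40", "vpn", "alice", "login_failed", "BR"),
    ("2024-05-01T09:01:10", "vpn", "alice", "login_failed", "BR"),
    ("2024-05-01T09:02:00", "idp", "alice", "login_success", "BR"),
    ("2024-05-01T09:10:30", "server", "alice", "privilege_escalation", None),
    ("2024-05-01T09:15:00", "vpn", "bob", "login_failed", "DE"),
    ("2024-05-01T09:15:20", "idp", "bob", "login_success", "DE"),
    ("2024-05-01T11:00:00", "server", "bob", "privilege_escalation", None),
]

def correlate(events, baseline=USUAL_COUNTRIES):
    """Return one alert per user whose events show all three signals in order."""
    by_user = {}
    for ts, _source, user, action, country in sorted(events, key=lambda e: e[0]):
        by_user.setdefault(user, []).append((datetime.fromisoformat(ts), action, country))
    alerts = []
    for user, evs in by_user.items():
        for i, (t_login, action, country) in enumerate(evs):
            # Signal 2: successful login from outside the user's baseline
            # (a user with no baseline is treated as anomalous).
            if action != "login_success" or country in baseline.get(user, set()):
                continue
            # Signal 1: failed logins in the window before that login.
            failed = sum(1 for t, a, _ in evs[:i]
                         if a == "login_failed" and t_login - t <= WINDOW)
            # Signal 3: privilege escalation in the window after that login.
            escalated = any(a == "privilege_escalation" and t - t_login <= WINDOW
                            for t, a, _ in evs[i + 1:])
            if failed >= FAILED_THRESHOLD and escalated:
                alerts.append({"user": user, "rule": "credential_compromise",
                               "login_time": t_login.isoformat(),
                               "country": country, "failed_logins": failed})
                break  # one alert per user is enough for triage
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

No single event here is alarming on its own; the alert fires only for the user whose events from three different sources line up within the window, which is the value the correlation step adds over per-source alerting.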