Enhancing Security Incident Detection and Automated Response Using AI-Powered Security Information and Event Management (SIEM) Systems

Authors: Kiran Desai

Abstract: As cyber threats evolve in complexity and frequency, traditional security monitoring systems struggle to keep pace with modern enterprise needs. Security Information and Event Management (SIEM) systems have long served as a cornerstone for centralized logging and alerting, but the sheer volume of alerts and incidents now threatens to overwhelm human operators. This has led to a critical shift toward integrating artificial intelligence (AI) and machine learning (ML) into SIEM platforms. AI-driven SIEM systems automate detection, triage, and even response to incidents, enabling security teams to operate more efficiently and effectively. These systems can analyze vast datasets in real time, identify anomalous behaviors, and recommend or initiate appropriate countermeasures with minimal human intervention. This article explores the architecture, algorithms, integration strategies, and real-world applications of AI-enhanced SIEM systems. It also examines key challenges such as data quality, model drift, and regulatory compliance, while offering insights into future trends like explainable AI and predictive threat modeling. The goal is to provide a comprehensive understanding of how AI transforms SIEM into an intelligent, adaptive shield against modern cyber threats.

DOI: https://doi.org/10.5281/zenodo.16751895
