Lee is responsible for overseeing security events in his enterprise and wants to observe how various events may be linked using his security information and event management (SIEM) system. He seeks to recognize multiple indicators of compromise that could indicate the same security breach. What would be the most useful implementation for him to adopt?

Correlation dashboards are used to combine events and identify relationships between them. Advanced analytic algorithms, including artificial intelligence (AI) and machine learning (ML), are sometimes employed to achieve this. While a network intrusion detection system (NIDS) may be beneficial, it may not necessarily correlate events on its own. A public key infrastructure (PKI) handles certificates but does not provide correlation or visibility of security events. Trend dashboards demonstrate how things are progressing and the direction in which data and information are moving.