@@ -384,11 +384,26 @@ Users of a SIEM system include:
* Amateur "home lab" administrators
* Software that uses security information and events as input, such as SOAR
## 4.10 Risk distribution among components
## 4.10 Distribution of security functions
_Risk can be transferred between components, for example a network interface can document that secure update of its firmware must be handled by an external program, such as an operating system. In turn, the operating system can offer the security functionality of secure updates to other components in a system._
## 4.10.1 Security functions provided outside the product
_Describe what risks are delegated to other components, as well as what security functionalities this product offers to things integrated with it._
Security functions provided by other components of a system to a SIEM product may include:
* Software updates
* Secure communication channels
* Antivirus scanning
* Secure data storage
* Authentication
* Authorization
* Availability
## 4.10.2 Security functions provided to other products
Security functions a SIEM product may provide to other components of the system may include:
