1. NIST Special Publication 800-92, Guide to Computer Security Log Management. Section 2.3, "Log Management Infrastructure," describes the functions of log aggregation, analysis, and reporting from various sources, which are foundational components of a SIEM. It states, "Log analysis may be performed in a centralized or decentralized manner. Most organizations use a hybrid approach, with centralized logging and analysis for enterprise-wide events..." (p. 11).
2. Microsoft. (2023). What is Microsoft Sentinel? Microsoft Learn. This official vendor documentation for a leading SIEM product states, "Microsoft Sentinel is a scalable, cloud-native solution that provides security information and event management (SIEM)... Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds." (Introduction, para. 1).
3. B. T. D. P. K. K. Wijesinghe and A. S. Karunananda, "A Review on Security Information and Event Management," 2020 2nd International Conference on Advancements in Computing (ICAC), 2020, pp. 316-321. This peer-reviewed paper defines the technology: "SIEM is a combination of Security Information Management (SIM) and Security Event Management (SEM) which provides real-time analysis of security alerts generated by network hardware and applications." (Abstract). This highlights its role in analyzing alerts from multiple sources. DOI: https://doi.org/10.1109/ICAC51239.2020.9357221.