The constant growth of cybercrime requires that nations are organizing to unite their defense and protection. In the area of cyber-detection federation requires standardizing in two fields: - Communications between the various tools and security solutions in order to consolidate and correlate information simply, we will call this communication “intra” Security Centers. - Communications between different Security Centers Teams to share information on incidents, we will call this communications “inter” Security Centers (between CSIRT). Both recognized standards at IETF in this field are: - IDMEF (Intrusion Detection Message Exchange Format) – RFC 4765 - IODEF (Incident Object Description Exchange Format) – RFC 5070 These two standards are still relatively new and insufficiently deployed on a market still dominated by proprietary formats. Prelude is a SIEM (Security Information & Event Management). This is a security control tool that fully use IDMEF. Prelude collects and centralizes the company security information of to provide a central point of steering. Thanks to the analysis and correlation of logs, Prelude alerts in real time of intrusion attempts and threats on the network. Prelude offers several tools of investigation and reporting on your big data to identify the weak signals which may prefigure of advanced persistent threats (APT). Finally, Prelude has all the tools to help the operation to simplify operators’ work and risk management.