Security Monitoring State of the Union
By Mike Rothman
A few years ago we wrote a paper called Security Monitoring Team of Rivals, which highlighted the reality that you had to make your SIEM and security analytics products work together. The analytics platforms could not provide the broader capabilities delivered by the SIEM, especially in the areas of compliance and incident response. And the SIEM wasn’t really built to do higher-end analytics, which showed when you tried to do anything but fairly simple correlation.
Oh, how the times have changed. We’ve seen a pretty dramatic evolution of features on both sides of the discussion. And shockingly enough, all of the players in the market are positioning to provide the strategic platform for security monitoring.
We see existing SIEM players bundling in security analytics capabilities, and security analytics players positioning their products as next-generation SIEM. As usual, customers are caught in the middle, trying to figure out what is the truth and what is marketing puffery.
So in this Security Monitoring State of the Union paper, we delve into the use cases driving the need for security monitoring, the product/service requirements that emerge from these use cases, and the buying process to choose your security monitoring platform.
As always, our research is licensed by forward-looking companies that realize the importance of educating their communities on the rapidly changing technology landscape. Our friends at McAfee have licensed this report. Our research is done using our Totally Transparent research methodology. This allows us to do impactful research while protecting our integrity.
You can download the paper (PDF).