During the past year, the demand for SIEM (Security Information and Event Management) technology remained strong. The widespread adoption of the SIEM technology is driven both by the need for security and compliance with regulations. Most of security needs is the effective detection of targeted attacks and violations.
Organizations are failing at early breach detection, with more than 92 percent of breaches undetected by the breached organization. The situation can be improved through a better understanding of the threat, adding patterns of behavior and better analysis. Several SIEM vendors begin to position their technologies as platforms capable of providing a safety analysis, operations and applications.
Gartner has just published its annual Magic Quadrant report for Security Information and Event Management (SIEM) Technology and rated 15 vendors on how their products address customers’ needs for security Relevant Products/Services intelligence Relevant Products/Services and analytics Relevant Products/Services, ranking them on their ability to execute and completeness of vision.
Gartner defines the SIEM Leaders quadrant as being composed of vendors that provide products that are a good functional match to general market requirements, have been the most successful in building an installed base and revenue stream within the SIEM market, and have a relatively high viability rating (due to SIEM revenue or SIEM revenue in combination with revenue from other sources).
According to the report, IBM is the market leader in the provision of security information and event management solutions. IBM was able to secure the top position and moves within the guide field ahead of its competitors HP, Splunk and McAfee. The excellent positioning confirms the recent successes in this area. More recently, IBM had climbed in Gartner’s ranking of the security software provider with the strongest sales in third place.
The report said IBM’s QRadar is the top most integrated view of the threat environment using NetFlow DPI and full packet capture in combination with log data, configuration data, and vunerability data from monitored sources. solution is also part of a broader integrated Threat Protection System that goes far beyond the traditional approaches of protection. This criterion is assessed by conducting qualitative interviews of vendor-provided reference customers in combination with feedback from Gartner clients that are using or have completed competitive evaluations of the SIEM offering.
The report further highlighted that SIEM is a $1.5 billion market that grew 16 percent during 2013 – with an expected growth rate of 12.4 percent during 2014. The large vendors like HP, IBM, McAfee, EMC (RSA) and Splunk command about 60 percent of market revenue.
HP’s ArcSight Express and Enterprise Security Manager (ESM) provide a complete set of SEM capabilities to support security operations. The other security market leader Splunk strong presence in IT operations groups can provide the security organization with early hands-on exposure to its general log management and analytics capabilities, pre-SIEM deployment by operations for critical resources, and in-house operations support for an expanded security-focused deployment.