Gartner defines SIEM as a technology that aggregates data produced by security devices, network infrastructure and systems, and applications. Products in the security information and event management (SIEM) market analyze security event data and network flow data in real time for internal and external threat management. They collect, store, analyze and report on log data for incident response, forensics and regulatory compliance. Vendors in this space are continually improving threat intelligence and security analytics. Companies are looking to adopt this technology in order to detect threats and breaches, and by compliance needs. Early breach discovery requires effective user activity, data access and application activity monitoring.
Companies placed by Gartner in the Leaders Quadrant have been the most successful in building an installed base and establishing a revenue stream from the SIEM market. Leaders also typically have a high share of the market and high revenue growth. They’ve also demonstrated superior vision and execution for emerging and anticipated requirements of the market. What’s more, they’ve garnered positive customer feedback for their SIEM products, as well as service and support of those products.
Four vendors are in Leaders quadrant: IBM, Splunk, LogRhythm, McAfee
Three vendors are in Visionaries: Rapid7, Securonix, Exabeam
Gartner placed five companies in the leaders quadrant: IBM, Splunk, LogRhythm, HPE, Intel Security.
|Gartner Magic Quadrant for SIEM , 2017
Magic Quadrant for Security Information and Event Management 2011
Magic Quadrant for Security Information and Event Management 2010
SIEM is hot topic. SPLUNK is going to IPO started on Jan 12 2012. Also in last two years, there are a couple of milestone events happened in SIEM venders which has been listed below:
HP acquired ArcSight Sep 13, 2010, $1.5B
Solarwinds bought TriGeo Jun 23 2011, $3500
IBM acquired Q1 Labs, Oct 4 2011, $????
McAfee acquired NitroSecurity, Dec 1, 2011 $????