It is with tremendous excitement that I am announcing the publication of my “Evaluation Criteria for Security Information and Event Management” document and SIEM selection tool (download link inside the document).
Love the “Magic Quadrant for Security Information and Event Management” and “Critical Capabilities for Security Information and Event Management” but want more details? [and I mean MORE DETAILS!!] Use our SIEM evaluation criteria!!!
There are numerous use cases for this essential document/tool, such as:
- Figure out what to look for in a SIEM product
- Create your very own set of SIEM selection criteria
- Evaluate a SIEM product based on a set of criteria
- Compare two or more SIEM products and choose the product that fits better
- Build an RFP/RFI for SIEM
- Understand the vendor materials and map vague claims to specific, measurable features
- Impress your friends with knowledge of esoteric SIEM features such as “Agents and collectors should be able to operate within low-bandwidth requirements and throttle the data based on predefined rules and requirements” or “The ability to group assets, users, log sources and so forth automatically and/or based on external information.”
Without further ado, enjoy the …
30 June 2014 | G00262712
Analyst(s): Anton Chuvakin
SIEM is a pivotal and widely used security technology, and a deep understanding of SIEM technology is critical for success in acquiring the right SIEM product. This evaluation criteria document helps define and refine SIEM buying criteria.
And don’t tell me I didn’t warn you about the details.
Related announcement posts:
- My Threat Intelligence and Threat Assessment Research Papers Publish
- My Updated Vulnerability Management Practices Paper Publishes
- My Security Solution Paths Published: Threats and Vulnerabilities
- All My Research Published in 2013
Select recent SIEM blog posts:
- SIEM Magic Quadrant 2014 Is Out!
- On SIEM Tool and Operation Metrics
- SIEM Analytics Histories and Lessons
- Back to SIEM Research!
- SIEM Webinar Questions – Answered
- How to Use Threat Intelligence with Your SIEM?
- Detailed SIEM Use Case Example
- On “Output-driven” SIEM
- On SIEM Maturity Scale and Maybe On CMM Too
- On SIEM Deployment Evolution
- On People Running SIEM
- On SIEM Processes/Practices
- On Large-scale SIEM Architecture