We are happy to announce that our awesome SIEM papers have just published:
- The fabled “Security Information and Event Management Architecture and Operational Processes” (now in its 3rd edition) is our 2016 update to a really popular and well-rated “bible” on how to run a SIEM opertation. Both of us think that it exudes pure awsomeness! Those who read the previous version …. do not despair: this one IS a bit shorter….thus with more concentrated awesomeness inside.
- Renamed and heavily updated “SIEM Technology, Market and Vendor Assessment” contains 2016 extended SIEM vendor profiles, technology trends, discussion on SIEM sourcing options and so much more. Did we mention it is awesome? Well, we did now…
Some juicy quotes follow below:
- “Gartner expects security information and event management (SIEM) tools to remain a central point for enterprise security monitoring. “
- “Ultimate SIEM program success is determined more by operational processes than by architecture or specific tool choice. SIEM implementations often fail to deliver full value due to broken organizational processes and practices and lack of skilled and dedicated personnel.”
- “A mature SIEM operation is a security safeguard that requires ongoing organizational commitment. Such commitment is truly open-ended — security monitoring has to be performed for as long as the organization is in business.”
- “SIEM products are gaining additional analytics capabilities — via acquisition of user and entity behavior analytics (UEBA) vendors, internal development or OEM partnerships — and the trend for more analysis of already-available data will grow further.”
One more super-exciting paper is coming soon – our study on security monitoring and SIEM use cases, in depth.
Related blog posts annoucing research publication:
- All My Research Published in 2015
- Our Vulnerability Assessment Vulnerability Management Research Publishes
- 2030: Have They Social Engineered Your AI?! [our Maverick piece published]
- My “Evaluation Criteria for Security Information and Event Management” 2015 Update Publishes
- My “How to Monitor the Security of Public Cloud Resources” Publishes
- My “Demystifying Security Analytics: Sources, Methods and Use Cases” Paper Publishes
- My “How to Work With an MSSP to Improve Security” Paper Publishes
- Our “Selecting Security Monitoring Approaches by Using the Attack Chain Model” Publishes
- All My Research Published in 2014
- All My Research Published in 2013
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.