“Security information and event management (SIEM) is the principal technology used for security monitoring by enterprises today. This assessment predicts the directions for this technology in the next two to three years and highlights five primary trends that will define the SIEM tools of the near future.”
Here are a few (and I mean it – ONLY a few) fun quotes:
- “SIEM tools have been, and are expected to remain, a central point for security monitoring within enterprises.”
- “SIEM faces opportunities for growth in five core areas: new types of log and context data, shared intelligence, novel analytic algorithms, monitoring of emerging environments, and application security monitoring.” <- one of the central points of the paper!
- “SIEM is a security technology, but it is also a data management technology. In addition to being a data management technology, SIEM is inherently a data analysis technology. This will continue to drive its evolution.”
- “Before evaluating and deploying capabilities of SIEM tools and other monitoring solutions, organizations need to realize that newly emerging IT environments must be covered by security monitoring.” (see this for details)
If you don’t have a subscription, please enjoy my blog posts from the same research project:
Finally, I will be working on another piece of SIEM research (focused on the present, not future) in Q3 2012. It is time to address SIEM architecture, deployment planning, and key aspects of SIEM operations in a detailed GTP-style document!