Blog post

Our SIEM Futures Paper Publishes!

By Anton Chuvakin | May 21, 2012 | 0 Comments


Security Information and Event Management Futures” paper by myself and Ramon Krikken is up on the Gartner site – go and grab it there. Abstract follows below:

“Security information and event management (SIEM) is the principal technology used for security monitoring by enterprises today. This assessment predicts the directions for this technology in the next two to three years and highlights five primary trends that will define the SIEM tools of the near future.”

Here are a few (and I mean it – ONLY a few) fun quotes:

  • “SIEM tools have been, and are expected to remain, a central point for security monitoring within enterprises.”
  • “SIEM faces opportunities for growth in five core areas: new types of log and context data, shared intelligence, novel analytic algorithms, monitoring of emerging environments, and application security monitoring.” <- one of the central points of the paper!
  • “SIEM is a security technology, but it is also a data management technology. In addition to being a data management technology, SIEM is inherently a data analysis technology. This will continue to drive its evolution.”
  • “Before evaluating and deploying capabilities of SIEM tools and other monitoring solutions, organizations need to realize that newly emerging IT environments must be covered by security monitoring.” (see this for details)

If you don’t have a subscription, please enjoy my blog posts from the same research project:

Finally, I will be working on another piece of SIEM research (focused on the present, not future) in Q3 2012. It is time to address SIEM architecture, deployment planning, and key aspects of SIEM operations in a detailed GTP-style document!

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed